Abstract: To solve the problems derived from isolation of application security mechanism and operation system security mechanism,firstly,the concept of security channel and TCB extension was proposed,and then formal description of security channel was given.By practices,a TCB extension model which based on security channel was obtained.This model could be used to explain how to build security channel between different security mechanisms in order to achieve uniform and eliminate conflicts of those security mechanisms.Finally the theory and practicality of this model with security analysis and engineering implementation were proven.