A file system protection mechanism for an operating system image for a
portable computing device is provided to assist in ensuring a good user
experience. A signed catalog file is embedded in a resource-sparing
operating system (OS), such as a Windows CE image, for security
enhancement and load verification purposes. The invention performs
various checks on the image and the signature of the image to ensure that
image has not been maliciously modified and that it complies with a
release standard. Such a mechanism is important to protect image loads
from external threats made possible by, e.g. recent incorporation of
broadband wireless and wireline connectivity for portable computing
devices. The signing technique includes creating a signed catalog of the
image and embedding that catalog into the image as it is loaded onto the
portable computing device.