The most ubiquitous personal electronic device today, the mobile handset comes from different manufacturers with very different means of operation, as defined by their operating system. This environment is not like the world of personal computers, where almost all use a version of the Microsoft Windows operating system.

All handset operating systems provide means for the handset to access information in the Subscriber Identity Module. The handset will need to get user information from the SIM to establish a session with the mobile operator gateway and to encrypt the voice for privacy. This is done by software called middleware, because it sits in the middle between the handset and the SIM. This part of the handset middleware is defined by a European Telecommunications Standards Institute specification that all handsets in the world must follow, numbered 11.11. Another piece of middleware on the handset is numbered 11.14 and provides means for the SIM to access handset resources. For example, the SIM can use the screen of the handset to display menus for asking users their personal identification number for authorization, or other information like new preferences.

Point-of-sale terminals use banking chip cards to perform two basic functions. They talk to the consumer card to establish its validity, and they talk to a commerce gateway to establish the financial transaction. As we’ve discussed, point-of-sale terminals themselves contain their own trusted core, a chip card called Subscriber Access Module (SAM), which is used to authenticate the merchant owning the point-of-sale terminal. As you can see, the point-of-sale terminal plays the role of the personal electronic device of the merchant here. So just like a mobile handset, a point-of-sale terminal contains middleware that knows how to talk with trusted cores, and that, in turn, knows how to relate information about the transaction to various communication peripherals, be they prompters to confirm the transaction, printers to provide a record or communications to link to the gateway.

When a trusted core, say in the form of a smart card, is inserted into a laptop computer, much middleware software is activated. This is because a computer is a much more general tool than a mobile phone or a point-of-sale terminal. The first layer of software encountered by the smart card is a card service component, which allows the computer to talk with all sorts of cards. It even allows the computer to talk with several cards at once. The second layer allows the computer to use the card for basic operations that are very important to provide a standard set of functions that smart cards perform. This layer is a cryptographic component allowing the cards to serve all sorts of encryption and decryption operations.

Those two layers are found on all Microsoft computers. Then above or next to these layers, other layers can be present that provide various card oriented operations, for example encrypting and decrypting e-mail, or logging on a remote computer to access a corporate gateway to the network.

As we noted earlier, the model for much Internet access today is a client-server model. The users of personal electronic devices are ubiquitously using Web browsers that make use of standard protocols to access a wealth of servers that present content to them. Such a protocol is the HyperText Transfer Protocol (HTTP), a name you would be familiar with as you see it in all those Web site addresses, for example http://www.google.com. The server structure can be quite complex, but the general connection facility, which functions as a gateway (or sentinel) to the content is highly standardized. For provision of industry network access (for example, from mobile telephony) to the Internet, the gateway function also provides protocol translation services. For example, it is able to map the over the air protocols between the handset and the base station into TCP/IP to allow connection to arbitrary servers on the Internet.

Book available at Midori Press (regular)
Book available at Midori Press (signed)
Book available at Amazon (regular)