truly the
purveyors of complex policy on behalf of the individual person. Such use and
orientation of responsibility are really not feasible with today’s high
security computing platforms. They are too big, too expensive and too complex
for the ubiquitous personal prosthesis role. Once such systems are required to
service the policy requirements, including personal security characteristics,
of more than one person, their very nature becomes suspect.
Our recurring example of an iconic
personal electronic device in use today is the mobile cellular telephone. The
GSM variant of mobile phones is comprised of a dual anatomy: the handset and
the Subscriber Identity Module (SIM). The Subscriber Identity Module is
a secure core that provides a degree of intrinsic security through its
tamper-resistant and tamper-evident construction. The handset, on the other
hand, encompasses a much more powerful but complex, and hence more vulnerable,
set of capabilities: a powerful processor, lots of memory and a preferably intuitive
and powerful user interface. Unlike the SIM, the handset has the more general
characteristics we might expect from a personal computer, including its
vulnerabilities to attack from malicious hackers. In the article "Malware Goes Mobile" in the November
2006 issue of Scientific American, Mikko Hypponen indicated that malicious
software akin to the viruses that have proven such a bane to personal computer
systems was beginning to show up on mobile phone handsets. Given the much more
structured and protected facilities for software modification on SIMs, the same
types of attacks have not proven generally successful there. Another
incarnation of a personal electronic device is the Blackberry, a device that
enables the user to send and receive e-mail, along with performing a variety of
other personal convenience functions. Both the mobile phone and the Blackberry
make use of radio frequency channels to allow the user to connect to ubiquitous
communication networks. Indeed, the latest incarnations of the latter include a
variant of the former. All types of such devices make use of rechargeable
batteries to effect portable, local power. The devices are small, aimed at
being carried on the person of their user and effecting interactions between
the user and other entities through radio frequency based connections. Both use
a secure core for extended communications through GSM networks. Such wireless connectivity
offers enhanced convenience, as the device does not have to leave the bearer’s
direct, physical possession to be used. This greatly facilitates enhanced
security and thereby enhanced trust characteristics. Consequently, we will
assume a two-element architecture through which to consider the enhanced
capabilities of the transcendent personal device: a sensori-motor body coupled
to a protected, trusted core agent, that is,
a cognitive element that allows for some degree of trust establishment for the
transcendent personal device as a whole. In drawing a parallel to evolutionary
development leading to the human species, this suggests that current personal
electronic devices are comparable to the hominids in general, if not to more
specific precursors to Homo sapiens. But all this now leads us to
perhaps the greatest departure from current architectures: a mutational leap in
the vein of the emergence of modern humans some 50,000 years ago or more.
In most systems today, a personal
electronic device secure core functions as a server to the system to which it
connects. More strongly stated, the secure core is a slave to the external
system’s mastery. When used as an admittance token, an employee card embedding
a secure core may be inserted into or brought close to a turnstile, which is
the interface point for a physical entry control system. When this system wants
a bit of information from the employee card, it issues a command to retrieve it
from the card. For some operations, the card bearer is asked to enter some
identifying information, for example a Personal Identification Number (PIN)
directly into the interface point for the control system. This system then
conveys this personal identification number over to the
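The master/slave exchange described in the paragraph above, as an added illustration that is not from the book: a toy secure core that never initiates anything and only answers commands, and a terminal (the turnstile's interface point) that forwards the PIN typed into it. The class names, command strings and status words are constructed for this sketch and do not follow any real card protocol.

```python
from dataclasses import dataclass, field


@dataclass
class SecureCore:
    """Passive token (employee card): holds the credential, answers commands, never initiates."""
    pin: str
    employee_id: str
    retries_left: int = 3
    verified: bool = False

    def handle(self, command, data=""):
        """Process one command from the terminal; returns (status, payload)."""
        if command == "VERIFY":
            if self.retries_left == 0:
                return "BLOCKED", ""          # retry counter exhausted: card refuses further attempts
            if data == self.pin:
                self.verified = True
                self.retries_left = 3         # successful verification resets the counter
                return "OK", ""
            self.retries_left -= 1
            self.verified = False
            return "WRONG_PIN", f"{self.retries_left} tries left"
        if command == "GET_ID":
            if not self.verified:             # data is released only after a PIN presentation
                return "SECURITY_STATUS_NOT_SATISFIED", ""
            return "OK", self.employee_id
        return "UNKNOWN_COMMAND", ""


@dataclass
class Terminal:
    """The entry control system's interface point: it is the master and sees every byte exchanged."""
    observed: list = field(default_factory=list)

    def admit(self, card, pin_typed):
        # The PIN is typed into the terminal, not the card, so the terminal (and anything
        # running on it) sees the PIN in clear before relaying it; the card must trust the terminal.
        self.observed.append(("VERIFY", pin_typed))
        status, _ = card.handle("VERIFY", pin_typed)
        if status != "OK":
            return False, status
        self.observed.append(("GET_ID", ""))
        status, emp = card.handle("GET_ID")
        return status == "OK", emp
```

The `observed` list makes the trust asymmetry visible: every secret the bearer enters is present on the master side, which is exactly the side the text describes as the more vulnerable one.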