Another property of trust is leverage. Trust produces trust. One place where it can be seen very clearly is in the evolution of the trusted core of cellular phones. As we indicated earlier, the original idea was to tightly associate the phone with its owner in order to insure proper billing by the phone operator. The Subscriber Identity Module contained information that would allow the phone owner to be properly authenticated, with the SIM acting as a proxy. First, the owner provides a Personal Identification Number (PIN) to the SIM, and then the SIM authenticates with the operator of the digital network. By providing the proper information to the phone operator via radio waves, the cellular phone gets authorization to enter into communication with other phones, since the operator trusts that the person talking is also the person paying the bills.

Many phone operators started as regional companies that would cover a territory with enough antennas to allow their phone subscribers to communicate locally. As cellular phones became more common, people started to need to connect their phones through several operators, depending on the region they were calling from. This led to cross-agreements between operators, who agreed to service each other’s customers as long as those customers could prove that they were backed up by the operator they signed up with. Naturally, the roaming operator wanted such proof so that they could be paid by the original operator for their help in making the phone connection work. But what would this proof be? As it turns out, the answer was immediate. Since the phone owner could authenticate with the roaming operator in the same way as with the original operator, it was just a matter for the roaming operator to present the credentials of the caller to the original operator to prove the veracity of the transaction. This way, the trust between one company and a person extended to a trust between several companies and that person, without the need of extra mechanisms.

But, the extension of trust didn’t stop here. Since the owner was authenticated securely (or shall we say, securely enough, because Subscriber Identity Module authentication would in time become threatened, and required revisions, following the pattern of attacks and counter-measures that we illustrated earlier in this chapter), could that trust relationship be extended to other potential needs of the owner or the operator? In fact it could, and we will give a couple of examples.

A nice property of Subscriber Identity Modules is that they are removable. We can take our SIM out of our current cellular phone, buy another phone, put the module back in it, and immediately the new phone becomes our phone. From the phone operator perspective, it’s just as good as the old one. Since the SIM would allow one to move from one personal electronic device to another, wouldn’t it be nice if it also contained other important personal information which would then be kept current wherever the cellular phone was used? An obvious example of such personal information is the private phone book of the owner. This is the list of often called numbers, or less often called but important numbers. When we change cellular phone, we don’t want to reenter all those numbers by hand. Keeping them on the SIM makes them immediately transferable from one phone to the next. However, something else may happen. We may lose our cellular phone with its SIM, or we may lose our SIM alone. In both cases, we find ourselves losing not only our capability to call, but also our cherished phone book. To mollify this situation, phone operators introduced back up services. The phone book would be regularly backed up on the phone operator’s computers, and restored whenever the user needed it. This way, it is possible to buy another SIM and to restore the phone book on it. Again, the phone owner has the phone book at hand wherever in the world it is needed. However, it is obvious that the phone operator wouldn’t let anybody restore a phone book without getting the proper credentials. So, here we go again. The same mechanism that was used to identify callers could be used to validate the request for a phone book restoration. Again, trust in one function was used to provide a new function.

Book available at Midori Press (regular)
Book available at Midori Press (signed)
Book available at Amazon (regular)