Franklin Heath Ltd

Master Your Information Assets

  • Categories

  • Meta

Security Patterns

Posted by Craig H on 4 May 2009

I’m on the program committee for the 3rd International Workshop on Secure Systems Methodologies Using Patterns (SPattern’09) and I’ve just submitted my reviews of submitted papers (2 days late, sorry!)

I first got involved in this several years ago, as a member of the Open Group Security Forum. Back then, using design patterns to address security problems was quite a new idea, and we spent a long time in the group (I think about 2 years!) coming up with a few basic Security Design Patterns, finally published in 2004.

Since then, there have been several books published on security patterns, and security is now an accepted domain of interest in the patterns community. The recent Symbian Press book, Common Design Patterns for Symbian OS, includes 4 patterns in the Security category, including one (Secure Agent) authored by yours truly 🙂

I believe etiquette dictates that I shouldn’t discuss the papers I reviewed, as they may or may not make it on to the final workshop programme, but if you are interested in taking advantage of the collected security expertise embodied in security patterns please make a note in your diary of the workshop dates: 31 Aug to 04 Sep 2009 in Linz, Austria.

I’ll update this post when the final workshop programme is published.

3 Responses to “Security Patterns”

  1. Donny said

    Looking forward to reading this … although I may not fully understand it, its worth the brain flux. I like trying & learning new things as much as possible.

    Curious … do you notice a trend of financial institutions continually being paired with Blackberry & BES for security purposes and if so, or not, how would Symbian Foundation or Symbian^2/3 be able to fight this without negatively affecting the end user experience for corporate collaboration. users from the trade floor – only 3 of which have seen my phone have asked what it is and asked why I choose it over the Bold. They’re amazed by the solid weight – not too heavy – and the functionality of hardware almost equal to the Bold (video playback & recording is lacking along with screen)

    • Craig H said

      “… do you notice a trend of financial institutions continually being paired with Blackberry & BES for security purposes …”

      You mean for their own internal use, or for use by their customers? For customers, I can’t say I have. One of the more popular mobile banking applications in the UK is MONILINK, which is cross-platform (written in MIDP Java) and runs very happily on Symbian^1 phones.

      For internal use, I can understand the attraction of BES given the ability to remotely manage the security policy of the phones. This sort of remote management isn’t (yet) a standard part of the Symbian Platform, but very similar features are already offered by Nokia E-series phones (including my current personal favourite, the very lovely E71!)

  2. Donny said

    I rock the E71 as well. However being in the home of RIM just 157KM away actually from their central world location here in Ontario, Canada its hard from corporations to leave the chains of RIM.

    We DID have a very heated and interactive meeting today regarding corporate BB use on limited 4MB or 20MB data plans. This by a LARGE nationwide longstanding corporate bank! this shocked me entirely!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: