Craig has been working in IT security since 1988, first at The Santa Cruz Operation as security architect for SCO UNIX and then at Lutris Technologies as security architect for their Java Enterprise Application Server product.  He joined Symbian in 2002, working in product management and strategy.

A member of The Open Group Security Forum since X/Open times in 1993, he has contributed to several published security standards including XBSS (baseline system security requirements), XDAS (distributed audit) and XSSO (single sign-on).  He has also participated in standards work within POSIX, IETF, the Java Community Process, and the Open Mobile Alliance.  He graduated from the University of Warwick with a B.Sc. in computer science in 1984.

Craig is co-author of The Open Group "Technical Guide to Security Design Patterns", lead author of The Open Group "Guide to Digital Rights Management" and lead author of "Symbian OS
Platform Security" published by Wiley.

Presentation
Mobile Device Security Controls - Protecting Network Infrastructure and Enabling Independent Application Develop
Reviewing the current state of the art of security controls on mobile phone application software.  We will consider the motivations of legitimate stakeholders (including network operators, enterprises and end users) and attackers (malware authors and fraudsters) and consider the economics of addressing the threats (which vendors and service providers can provide security measures and which parties are willing to bear the cost).  We will present Symbian's experience of introducing security controls into a mobile device operating system and the effects we have seen now that tens of millions of devices with those security controls are in use around the world.  Finally we will consider whether the inevitable costs of these security measures have been worthwhile and fairly apportioned.

return to program