Review date: 13/12/2025
Brief:
A round-up of books from our June print edition.
If you seek a break from reading about security – books published to impart facts that may or may not be well written – try News of a Kidnapping, a factual story by novelist Gabriel Garcia Marquez. It plunges you into early 1990s Colombia, nearly dragged under by drug-related terrorism. You meet characters like presidential security adviser and odd-sock wearer Rafael Pardo; and drugs emperor Pablo Escobar (shot by police 1993) who ‘had employees who spent the day engaging in lunatic conversations on his telephones’ to outwit monitors, and who sometimes travelled by a bogus public minibus with false plates that never stopped and had bodyguards for ‘passengers’. As the title suggests, the book relates the hostage-taking of several important Colombians. Given that western oil workers remain at risk of kidnap, it’s background reading for any security manager dealing with Latin America, and the riveting read you’d expect from a Nobel Prize winner. (Penguin Books, £6.99, paperback, 291 pages).
Fundamentals of Network Security by John E. Canavan (2001) claims that it can be understood even if you don’t have a technical background. That’s arguable; this book is a place to go if you need to be technical – to apply intrusion detection systems, private e-mail policies, and crisis response plans (and many other things for monitoring your network). 350 pages, £49, published by Artech House.
Smart Card Security and Applications (second edition, 2001), by consultant Mike Hendry, goes through the applications of smart cards – to authenticate users making remote payments, and over the internet, and as electronic tickets in transport and health. This overview takes you through the technology – encryption, passwords and biometrics, and chip cards. 328 pages, £54, published by Artech House.
Security Fundamentals for E-Commerce (2001) by Austrian Dr Vesna Hassler. Topics: Electronic Payment Systems. Payment Security Services. Payment Transaction Security. Digital Money Security. Electronic Check Security. An Electronic Payment Framework. Communication Network. Network Access Layer Security. Internet Layer Security. Transport Layer Security. Application Layer Security. HyperText Transfer Protocol. Web Server Security. Web Client Security. 416 pages, £57, published by Artech House. See www.artech-house.com.
Available from US publishers Artech House from September is Computer Forensics and Privacy by Michael Caloyannides. Topics: Computer Forensics – What Is It? What Can Be Retrieved from a Computer? Why Is There Forensic Evidence Left Behind in a Computer? How Can Information Be Retrieved from One’s Computer? How to Protect One’s Computer from Leaving Sensitive Data Behind? Forensic Evidence Left Behind During and After Being Online on the Internet. Also covers legal issues and how to stay up to date via the internet. See www.artech-house.com.
Why do hackers do it – break the rules of privacy, steal passwords? Jeff Crume makes an interesting contrast with martial arts training where ‘you learn to fight so you won’t have to. In other words, the mastery of the skills leads to confidence, which leads to self-control, which makes violence essentially unnecessary’. Hackers, he explains, have the mastery of the computer skills, but without the self-control. His Inside Internet Security: What Hackers Don’t Want You To Know (2000) explains how hackers prey on human vulnerabilities. This paperback does us a service by putting hacking threats into perspective, slanted as it is towards ‘what hackers don’t want you to know’ – typical chapter headings on those lines are ‘firewalls are just the beginning’, ‘humans are the weakest link’ and ‘attacks are getting easier’. By setting out the risks, to use a phrase of Crume’s, ‘security becomes a business enabler, rather than inhibitor’. The book is for anyone designing or administering a corporate or e-business network. 288 pages, ISBN 0-201-67516-1.
Terrorists hack into a computer and cause plane crashes, power blackouts, stock market crashes – even food supplies to be poisoned and economies to collapse. Actually none of these things have happened, yet, but Dorothy E. Denning, Professor of Computer Science at Georgetown University in the States, warns in Information Warfare and Security (1999) that they might. Information systems can be stolen or sabotaged by deception, she warns, defining for us computer crime, cybercrime, and information terrorism. Security managers may consider such threats above them, but Professor Denning points out that information warfare is not just a matter of national security; there are connections to identity thieves, copyright infringers, and telecommunications fraudsters, to name but three criminal types. Hence she includes workplace monitoring and social engineering, definitely relevant to the security manager in industry. The chapter How to Tell a Fake, for example, considers how to tell whether information is trustworthy and genuine, and takes in biometrics, passwords, digital signatures, watermarking, and badges and cards. She says: ‘Information warfare itself raises many challenging issues. What is an acceptable level of risk? … Who is responsible for protecting critical infrastructures? How can crimes be successfully investigated and prosecuted when the perpetrator resides in a different state or country from the victim or the information resources attacked?’ She admits that the book covers so much ground that a significant subject may only get a few sentences; however she does give many references – not least on-line ones, such as www.iwar.org and www.infowar.com. With husband Peter she is also author of Internet Besieged (1998).
Published by Addison-Wesley (see www.awlonline.com), 544 pages. ISBN 0-201-43303-6.
‘How not to shoot yourself in the foot’ is the promise of Web Security: A Step-by-Step Reference Guide, by US scientist Lincoln D Stein. There are plenty of ways to shoot yourself in the internet foot – the webmaster has to avoid denial-of-service attacks and viruses; control access with passwords or client certificates; and secure credit card transactions. The paperback began life as FAQs (a web term for ‘frequently asked questions’). ‘I was concerned that new websites were going up at an amazing rate, with little appreciation for the security implications. I was dismayed that much of the advice being dispensed was incomplete or simply misinformed.’ With admirable honesty he adds: ‘the web is changing so rapidly that any book on security issues is out of date by the time it hits the shelves’. He starts with the basics – what are the risks to web security, and basic cryptography, and works up to access control to websites; and firewalls. Published by Addison-Wesley (see www.awlonline.com), 448 pages, 1998. ISBN 0-201-63489-9.
There are signs aplenty that to secure law-abiding people and property, security managers with limited budgets have to bear in mind how criminals behave, and analyse threats – that’s the thinking behind the new Jill Dando Institute of Crime Science, and the government likes the idea because finite anti-crime resources can hit the target better. Offender profiling is a set of techniques used by law enforcement agencies to try to identify perpetrators of serious crime. It’s in vogue thanks to the film Silence of the Lambs and the TV drama Cracker. But is offender profiling science or guesswork? Offender Profiling and Crime Analysis by Peter B Ainsworth takes us into the world (and it is worldwide – profilers are Dutch, British and FBI) of offender profiling. We’re into data gathering – crime mapping, geographical profiling, as well as investigative psychology. It’s heady stuff, and developing fast; the reality is even more fascinating than the fictional Hannibal Lecter. The author is director of the Henry Fielding Centre, University of Manchester, and author of Psychology and Crime: myths and reality (Longman, 2000).
Published by Willan Publishing, Culmcott House, Mill Street, Uffculme, Cullompton, Devon EX15 3AT. Ring 01884 840337, fax: 01884 840251; e-mail: sales@willanpublishing.co.uk. ISBN 1-903240-21-2, 208 pages. Paperback £16.99, ISBN 1-903240-22-0 Hardback £40.





