LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Review: Computer Security Basics 2nd Edition Print E-mail
User Rating:      How can I rate this item?
Posted by Administrator   
Book Reviews In a perfect world, a book like this wouldn't be necessary anymore, except for the new entries into security. Businesses and organizations would have all gotten the point by now. And yet, gaps in security, flaws in policy and general complacency have made an overview of security just as important today as it was five years ago. In a review of this second edition of Computer Security Basics, however, Robert Slade sums up a resource that could have had potential, but instead, fails to live up to its predecessor.



Vitals:

Title Computer Security Basics, Second Edition
Authors Rick Lehtinen, Deborah Russell, G. T. Gangemi Sr.
Pages 296
ISBN 0-596-00669-1
Publisher O'Reilly and Associates, Inc.
Edition 2nd Edition
Purchase http://www.amazon.com/exec/obidos/ASIN/0596006691/

Audience:

Computer Security Basics was a pretty accurate name for the first edition. The book was an overview of many aspects that go into the security of computers and data systems. While not exhaustive, it provided a starting point from which to pursue specific topics that required more detailed study. Such is no longer the case.

Part one looks at security for today. Chapter one starts with 9/11, then talks about various infosec groups, and only then gets to an introduction of what security is, and how to evaluate potential loopholes. The definition points out the useful difference between the problems of confidentiality and availability, and now adds integrity. The distinction between threats, vulnerabilities and countermeasures is helpful, but may fail to resolve certain issues. Ironically, in view of the title of this section, chapter two gives some historical background to the development of modern data security.

Part two deals with computer security itself. Chapter three looks at access control, but is somewhat unstructured. Malware and viruses receive the all-too-usual mix of advice and inaccuracies in chapter four. Policy is supposed to be the topic of chapter five, but most of the text is concerned with matters of operations. Internet and Web technologies, and a few network attacks, are listed in chapter six.

The prior inclusion of network topics is rather funny, since part three delves into communications security. Chapter seven turns first to encryption, which could be presumed to have applications in more than communications, although it is important in that field. The material on encryption is quite scattered and disorganized, and the explanation of asymmetric systems is probably more confusing than helpful. A lot about networks, a list of network security components, and not much that is useful makes up chapter eight.

Part four turns to other types of security. Chapter nine takes a confused look at physical security, and includes biometrics: as with encryption and communications, the topic that could be related to physical security, but might more properly be dealt with elsewhere. Chapter ten reviews wireless LANs, mentioning threats, but only tersely listing security measures, with no detail for use or implementation.

The original version of the book was a good starting point for beginners who had to deal with computer security at a basic level. This second edition is a tremendous disappointment: Lehtinen has done a disservice not only to Russell and Gangemi, but also to those relying on this foundational guide. The tone of the first edition may have been too pompous, but the contents were informed by the primary concerns for information security. This update has introduced random new technical trivia, muddied the structure and flow, and reduced the value of the reference overall.

copyright Robert M. Slade, 1993, 2002, 2006 BKCMPSEC.RVW 20060819

Comments
HexBolts,Hex Bolt and nut,Hex Bolt ManufWritten by windsor exports on 2008-09-22 00:23:03
Manufacturer and Supplier of Hex Bolts, auto bolts, agriculture fasteners, screw, u bolt, t bolt, auto spares, banjo bolt, Hex Bolt from India, stainless steel bolts, bolt nut, stainless steel lag bolts, crown bolt, crown and screw bolt, nut and bolt retail, banjo bolts, nuts

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome’ Missile Defense System
Internet of things big security worry, says HP
Boffins build FREE SUPERCOMPUTER from free cloud server trials
Insecure Connections: Enterprises hacked after neglecting third-party risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.