"Network Security Essentials", William Stallings, 2000, 0-13-016093-8,
%A William Stallings ws@...
%C One Lake St., Upper Saddle River, NJ 07458
%I Prentice Hall
%O U$48.00/C$75.81 201-236-7139 fax: 201-236-7131
%P 366 p.
%T "Network Security Essentials: Applications and Standards"
The existence of this book is a bit odd, particularly in view of the
fact that it shares so much material with Stallings' "Cryptography and
Network Security." The (clear and structured) preface, however,
states that the intent is to provide a practical survey of network
security applications and standards, particularly those in widespread
use. As with the earlier work, this book is intended to serve both as
a textbook for an academic course of study, and as a self-study and
reference guide for practicing professionals. There is reduced detail
in regard to cryptography.
Chapter one is an introduction, and provides a good list of basic
concepts and vocabulary. It may not be completely apparent to all
readers that the emphasis is on threats to data transmissions and
there is limited review of attacks on functioning systems.
Part one deals with cryptography. Chapter two covers symmetric block
ciphers in fundamental but sound terms, illustrated by an explanation
of DES (Data Encryption Standard). The logic is heavily symbolic at
times, but that should not be an impediment to the reader. It is
interesting that chapter three views asymmetric cryptography as an
extension of message authentication codes, but the explanations are
articulate, including both algebraic and numeric examples, although
the numeric illustrations could be fuller.
Part two deals with network security applications. Chapter four looks
at authentication applications, concentrating on Kerberos and X.509.
The examples of email security systems given in chapter five are PGP
(Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail
Extension). Security provisions for the Internet Protocol (IP) itself
are reviewed in chapter six. Web security, in chapter seven,
discusses SET (Secure Electronic Transaction) and SSL (Secure Sockets
Layer). Chapter eight reviews SNMP (Simple Network Management
Protocol) both in terms of network management for security purposes,
and in regard to cryptography for authentication of the application
Part four outlines general system security. Intruders and malicious
software are lumped together in chapter nine, with a reasonable
outline of the types of malware, but not dealing as well with viruses
themselves. (Activity Monitors are referred to as "third generation"
tools, when they actually predate both signature scanners ["first
generation"] and heuristics ["second generation"].) Chapter ten
finishes off the book with a description of firewalls, but has a
rather odd inclusion of basic access control and trusted systems.
Each chapter ends with a set of recommended readings and problems.
Many chapters also have appendices giving additional details of
specific topics related to the subject just discussed.
A very reasonable guide, although possibly less practical than it
intended to be.
copyright Robert M. Slade, 2003 BKNTSCES.RVW 20031210
====================== (quote inserted randomly by Pegasus Mailer)
rslade@... slade@... rslade@...
If people do not believe that mathematics is simple, it is only
because they do not realize how complicated life is.
- John Louis von Neumann