Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Internet and Intranet Security Management", Lech Janczewski

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKIISMRS.RVW 20020825 Internet and Intranet Security Management , Lech Janczewski, 2000, 1-878-28971-3, U$69.95 %E Lech Janczewski %C 1331 E. Chocolate
    Message 1 of 1 , Jan 9, 2003
    • 0 Attachment
      BKIISMRS.RVW 20020825

      "Internet and Intranet Security Management", Lech Janczewski, 2000,
      1-878-28971-3, U$69.95
      %E Lech Janczewski
      %C 1331 E. Chocolate Ave., Hershey, PA 17033-1117
      %D 2000
      %G 1-878-28971-3
      %I IRM Press/Idea Group
      %O U$69.95 800-345-432 fax: 717-533-8661 cust@...
      %O http://www.amazon.com/exec/obidos/ASIN/1878289713/robsladesinterne
      %P 302 p.
      %T "Internet and Intranet Security Management: Risks and Solutions"

      There is a heavy emphasis, in the preface, on the book's being up to
      date. Yet the very first article relies on survey data that was three
      years old at the time the essay was written.

      Part one supposedly talks about the state of the (security, one
      assumes) art. Chapter one is a vague and superficial look at random
      topics and technology related to security, plus results of the
      aforementioned opinion poll. A list of Internet security problems,
      and solutions that are not connected to the difficulties, make up
      chapter two.

      Part two deals with managing Internet security. Chapter three has
      terse descriptions of a number of theories of trust, related to some
      generic security concepts. There are brief overviews of the TCSEC
      (Trusted Computer System Evaluation Criteria), Common Criteria, and
      not-really-the-BS7799 in chapter four. Out of thirty three pages in
      chapter five, three discuss the general subject of Web security, while
      there is almost nothing on the titular topic of management of Web

      Part three reviews cryptographic and technical security standards.
      (There are a great many grammatical errors, and the authors use
      almost-but-not-quite standard terminology.) Chapter six is an
      opinionated piece, but does touch on some basic cryptographic ideas.
      Myths and limitations of cryptography are listed in chapter seven.
      Chapter eight has descriptions, that are both overly technical and
      incomplete, of ISO cryptographic standards.

      Part four talks about law and security. Chapter nine discusses
      privacy, but only in regard to employer monitoring of employee email.
      The weaknesses of the New Zealand privacy law are commented on in
      chapter ten.

      It is difficult to say that any audience would benefit from this vague
      collection of unfocused ideas.

      copyright Robert M. Slade, 2002 BKIISMRS.RVW 20020825

      rslade@... rslade@... slade@... p1@...
      Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
      Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
      February 10, 2003 February 14, 2003 St. Louis, MO
      March 31, 2003 April 4, 2003 Indianapolis, IN
    Your message has been successfully submitted and would be delivered to recipients shortly.