REVIEW: "Internet and Intranet Security Management", Lech Janczewski
- BKIISMRS.RVW 20020825
"Internet and Intranet Security Management", Lech Janczewski, 2000,
%E Lech Janczewski
%C 1331 E. Chocolate Ave., Hershey, PA 17033-1117
%I IRM Press/Idea Group
%O U$69.95 800-345-432 fax: 717-533-8661 cust@...
%P 302 p.
%T "Internet and Intranet Security Management: Risks and Solutions"
There is a heavy emphasis, in the preface, on the book's being up to
date. Yet the very first article relies on survey data that was three
years old at the time the essay was written.
Part one supposedly talks about the state of the (security, one
assumes) art. Chapter one is a vague and superficial look at random
topics and technology related to security, plus results of the
aforementioned opinion poll. A list of Internet security problems,
and solutions that are not connected to the difficulties, make up
Part two deals with managing Internet security. Chapter three has
terse descriptions of a number of theories of trust, related to some
generic security concepts. There are brief overviews of the TCSEC
(Trusted Computer System Evaluation Criteria), Common Criteria, and
not-really-the-BS7799 in chapter four. Out of thirty three pages in
chapter five, three discuss the general subject of Web security, while
there is almost nothing on the titular topic of management of Web
Part three reviews cryptographic and technical security standards.
(There are a great many grammatical errors, and the authors use
almost-but-not-quite standard terminology.) Chapter six is an
opinionated piece, but does touch on some basic cryptographic ideas.
Myths and limitations of cryptography are listed in chapter seven.
Chapter eight has descriptions, that are both overly technical and
incomplete, of ISO cryptographic standards.
Part four talks about law and security. Chapter nine discusses
privacy, but only in regard to employer monitoring of employee email.
The weaknesses of the New Zealand privacy law are commented on in
It is difficult to say that any audience would benefit from this vague
collection of unfocused ideas.
copyright Robert M. Slade, 2002 BKIISMRS.RVW 20020825
rslade@... rslade@... slade@... p1@...
Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
February 10, 2003 February 14, 2003 St. Louis, MO
March 31, 2003 April 4, 2003 Indianapolis, IN