Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Network Security", Charlie Kaufman/Radia Perlman/Mike Speciner

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKNTWSEC.RVW 20021106 Network Security , Charlie Kaufman/Radia Perlman/Mike Speciner, 2002, 0-13-046019-2, U$54.99/C$85.99 %A Charlie Kaufman
    Message 1 of 1 , Jan 14, 2003
    • 0 Attachment
      BKNTWSEC.RVW 20021106

      "Network Security", Charlie Kaufman/Radia Perlman/Mike Speciner, 2002,
      0-13-046019-2, U$54.99/C$85.99
      %A Charlie Kaufman ckaufman@...
      %A Radia Perlman radia@...
      %A Mike Speciner ms@...
      %C One Lake St., Upper Saddle River, NJ 07458
      %D 2002
      %G 0-13-046019-2
      %I Prentice Hall
      %O U$54.99/C$85.99 201-236-7139 fax 201-236-7131 mfranz@...
      %O http://www.amazon.com/exec/obidos/ASIN/0130460192/robsladesinterne
      %P 713 p.
      %T "Network Security: Private Communication in a Public World, 2e"

      For communications security, this is the text. As well as solid
      conceptual background of cryptography and authentication, there is
      overview coverage of specific security implementations, including
      Kerberos, PEM (Privacy Enhanced Mail), PGP (Pretty Good Privacy),
      IPsec, SSL (Secure Sockets Layer), AES (Advanced Encryption Standard),
      and a variety of proprietary systems. Where many security texts use
      only UNIX examples, this one gives tips on Lotus Notes, NetWare, and
      Windows NT.

      Chapter one is an introduction, with a brief primer on networking,
      some reasonable content on malware, and basic security models and
      concepts.

      Part one deals with cryptography. The foundational concepts are
      covered in chapter one. Symmetric encryption, in chapter three, is
      presented in terms of the operations of DES (Data Encryption
      Standard), IDEA (International Data Encryption Algorithm), and AES.
      Chapter four details the major modes of DES. The algorithms for a
      number of hash functions and message digests are described in chapter
      five. Asymmetric algorithms, such as RSA (Rivest-Shamir-Adleman) and
      Diffie-Hellman, are explained in chapter six, although one could wish
      for just slightly more material, such as actual numeric computations,
      that might reach a wider audience. The number theory basis of much of
      modern encryption is provided as well, in chapter seven. More,
      including a tiny bit on elliptic curves, is given in chapter eight.

      Part two covers authentication. The general problems are outlined in
      chapter nine. Chapter ten looks at the traditional means of
      authenticating people: something you know, have, or are. Various
      problems in handshaking are reviewed in chapter eleven. Chapter
      twelve describes some strong protocols for passwords.

      Part three examines a number of security standards. Kerberos gets two
      whole chapters, since we are provided with not only concepts but
      actual packets: version 4 in thirteen and 5 in fourteen. PKI (Public
      Key Infrastructure) terms, components, and mechanisms are outlined in
      chapter fifteen. The basic problems in real-time communications
      security are delineated in chapter sixteen. Chapter seventeen
      examines the authentication and encryption aspects of IPsec, while
      chapter eighteen deals with key exchange packets. SSL and TLS
      (Transport Layer Security) are described in chapter nineteen.

      Part four concentrates on electronic mail. Chapter twenty lays out
      the major concerns and problems. Chapter twenty one discusses PEM and
      S/MIME (Secure Multipurpose Internet Mail Extensions). PGP is covered
      in chapter twenty two.

      Part five contains miscellaneous topics. Chapter twenty three looks
      at firewalls, twenty four at a variety of specific security systems,
      and twenty five at Web issues. Folklore, in chapter twenty six,
      briefly lists a number of simple "best practices" that aren't
      generally part of formal security literature.

      The explanations are thorough and well written, with a humour that
      illuminates the material rather than obscuring it. The organization
      of the book may be a bit odd at times (the explanation of number
      theory comes only after the discussion of encryption that it
      supports), but generally makes sense. (It is, sometimes, evident that
      later text has created chapters that are slightly out of place.) The
      end of chapter "homework" problems are well thought out, and much
      better than the usual reading completion test. If there is a major
      weakness in the book, it is that the level of detail seems to vary
      arbitrarily, and readers may find this frustrating. Overall, though,
      this work provides a solid introduction and reference for network
      security related topics and technologies.

      copyright Robert M. Slade, 1996, 2002 BKNTWSEC.RVW 20021106

      --
      ======================
      rslade@... rslade@... slade@... p1@...
      Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
      Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
      February 10, 2003 February 14, 2003 St. Louis, MO
      March 31, 2003 April 4, 2003 Indianapolis, IN
    Your message has been successfully submitted and would be delivered to recipients shortly.