Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Enterprise Directory and Security Implementation Guide", Charles Carrington et al

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKEDASIG.RVW 20031018 Enterprise Directory and Security Implementation Guide , Charles Carrington et al, 2002, 0-12-160452-7 %A Charles Carrington %A
    Message 1 of 1 , Dec 1, 2003
    • 0 Attachment
      BKEDASIG.RVW 20031018

      "Enterprise Directory and Security Implementation Guide", Charles
      Carrington et al, 2002, 0-12-160452-7
      %A Charles Carrington
      %A Timothy Speed
      %A Juanita Ellis
      %A Steffano Korper
      %C 525 B Street, Suite 1900, San Diego, CA 92101-4495
      %D 2002
      %G 0-12-160452-7
      %I Academic Press
      %O 619-231-0926 800-321-5068 fax: 619-699-6380
      %O http://www.amazon.com/exec/obidos/ASIN/0121604527/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/0121604527/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/0121604527/robsladesin03-20
      %P 238 p.
      %T "Enterprise Directory and Security Implementation Guide"

      You've got to wonder about the quality of a book that starts out with
      an eight page section dedicated to copyright notices and disclaimers.

      The foreword is unclear about what directories are, although it does
      name DNS as a directory. One sentence starts out by saying that there
      are both risks and benefits to publishing a directory and then lists
      only the most dire of risks. There is no mention that directories can
      be used to support security activities such as PKI (Public Key
      Infrastructure.)

      Chapter one is an introduction, stating that directories provide
      information and mentioning X.500 and LDAP (Lightweight Directory
      Access Protocol) without clarifying why directories need a formal
      protocol. (There seems to be, in the text, a preference for humour
      over information.) The basics of directories as information sources
      are given in chapter two (although there is no material on the
      problems of distribution, scaling, and replication), as well as a
      brief mention of security. There is a bit of discussion of directory
      architecture design, another mention of LDAP, and illustrations that
      do not illuminate, in chapter three. Chapter four has an explanation
      of LDAP that will make sense to those already familiar with relational
      database concepts (but probably not, otherwise), and an allusion to
      the difference between security information stored in the database and
      the security of the directory, but this important point is not given
      the emphasis it deserves. Chapter five gives us a history of street
      directories, some discussion of privacy, and a consideration of email
      routing. Basic relational database concepts are examined fairly
      simplistically in chapter six. Chapter seven is a generic overview of
      enterprise security. There is a good outline of the suggested
      contents of a high-level security policy in chapter eight, although
      the material becomes repetitive when an email policy basically
      duplicates the previous material. Chapter nine has a brief but
      reasonable overview of PKI, several pages of screenshots (of
      questionable utility) of a Cylink demonstration, and a fifteen page
      sample "Certification Practices Statement." Examples of directories
      in chapter ten include Kerberos and DNS. A list of miscellaneous PC
      security products is in chapter eleven.

      Although the issues of security related to directories are both
      important and sparsely covered in the security literature, this poorly
      focussed and structured work does not provide much useful direction.

      copyright Robert M. Slade, 2003 BKEDASIG.RVW 20031018


      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      What can you say about a society that says God is dead
      and Elvis is alive? - Irv Kupcinet
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.