Loading ...
Sorry, an error occurred while loading the content.

[techbooks] REVIEW: "Information Warfare and Security", Dorothy Denning

Expand Messages
  • Rob Slade, doting grandpa of Ryan and Tr
    BKINWRSC.RVW 990212 Information Warfare and Security , Dorothy Denning, 1999, 0-201-43303-6, U$34.95/C$52.50 %A Dorothy Denning denning@cs.georgetown.edu
    Message 1 of 1 , Mar 23, 1999
    • 0 Attachment
      BKINWRSC.RVW 990212

      "Information Warfare and Security", Dorothy Denning, 1999,
      0-201-43303-6, U$34.95/C$52.50
      %A Dorothy Denning denning@...
      %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
      %D 1999
      %G 0-201-43303-6
      %I Addison-Wesley Publishing Co.
      %O U$34.95/C$52.50 800-822-6339 Fax 617-944-7273 bkexpress@...
      %P 522 p.
      %T "Information Warfare and Security"

      Denning has chosen to take an inclusive approach to the topic of
      information warfare, not limiting the material to attacks on
      "military" targets. Given the state of physical warfare, this seems
      to be quite realistic. It does mean that the book tends to read like
      a high level computer security text (small wonder) with an emphasis on
      intrusions and the more overt aspects of computer crime.

      Part one is a foundation and background for the material to come.
      Chapter one looks at the great many information aspects to the Gulf
      War and Operation Desert Storm. One of the unusual factors reviewed
      is that of propaganda, or "perception management." A theory of
      infowar is the intent of chapter two, which outlines players and
      positions in a variety of ways. The theory is somewhat weakened for
      being strongly dependent upon the idea of the value of the information
      being attacked or defended, and this is an area that still requires
      work. Another possibly problematic area is the reliance on a "win-
      lose" model for data warfare, when there have been numerous instances
      of intruders, upon sufficient provocation, being willing to deny
      themselves a resource by damaging it, on the basis that the defenders
      stand to lose far more. (On the other hand, "bragging rights" seem to
      have a lot of value in the computer underground.) More detail on the
      players involved, and the possible types of attacks that have
      occurred, and might occur, are presented in chapter three.

      Part two looks at the specifics of offensive information warfare.
      Chapter four is extremely interesting, showing that "open source," or
      publicly available information, can and has been used for offensive
      and criminal undertakings in a variety of ways. Disinformation is
      reviewed in chapter five, including the odd phenomenon of urban
      legends and Internet hoaxes. The problem of damage from insiders,
      including, finally, a documented case of a salami attack (albeit a
      rather clumsy one), is covered in chapter six. Chapter seven
      discusses the interception of information and communications in a
      variety of ways, and, as a sideline, jamming and alteration. A
      variety of methods of computer intrusion are presented in chapter
      eight. False identity, both identity theft and outright false, are
      examined in chapter nine. The material on viruses and worms, in
      chapter ten, is solid, although I was sorry to see that a great many
      possibilities for reproductive mayhem that have been discussed over
      the years went unmentioned. ("Harlie," Dr. Denning. "When *HARLIE*
      Was One.") (Of course, when I sent the first draft, I had, myself,
      spelled "Harlie" incorrectly.)

      Part three looks at the opposite side, that of defence. Chapter
      eleven gives a good background to encryption, but, seemingly,
      primarily as a general concept, rather than going into detail on
      specific uses for protection. Authentication is dealt with in chapter
      twelve, and uses some of the cryptologic background. With monitoring
      and detection bracketing chapter thirteen, the section on firewalls
      seems just slightly misplaced. Chapter fourteen looks at risk
      analysis, planning, and some resources. The final chapter discusses
      defence of the nation, and national policy in this regard, with
      particular emphasis on the current situation in the US.

      The content of this book not only presents a clear picture of a number
      of aspects of information warfare, but does so in a very practical
      manner, informed by the need to use "real world" examples. In
      addition, the anecdotal evidence backing the material makes the book
      quite readable and interesting. As a text for a course in information
      warfare, it is complete and solidly based. As a reference for
      security analysts and practitioners, it is clear and thought-
      provoking. For those who may merely have some interest in the topic,
      it is engaging and informative.

      copyright Robert M. Slade, 1999 BKINWRSC.RVW 990212

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... rslade@... robertslade@... p1@...
      www.decus.ca/htbin/decnotes?conf=0::who_am_i&func=sdir&entry=17
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade

      ------------------------------------------------------------------------
      eGroup home: http://www.eGroups.com/list/techbooks
      Free Web-based e-mail groups by eGroups.com
    Your message has been successfully submitted and would be delivered to recipients shortly.