NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY 11/18/04 Today's focus: Information security dictionary
By M. E. Kabay

Urs Gattiker published a new information security dictionary this year; it is subtitled, "Defining the terms that define security for e-business, Internet, information and wireless technology." Gattiker is a powerhouse in the information security field. He has been a prime mover in the European Institute for Computer Antivirus Research (EICAR) since 1994; a professor at distinguished universities all over the world (Denmark, Australia, Canada, Germany, the U.S.); founder of security companies (Bullguard); and author of numerous technical texts in security and information technology.
He currently holds the Parcham Foundation Professorship in Management and Information Sciences at the International School of New Media of the University of Lübeck in Germany. He has been a personal and professional friend since I met him at EICAR meetings in the mid-1990s.

The new dictionary is a small (9.5 inches by 6.3 inches), beautifully bound book suitable for academic and corporate libraries. As explained in the introduction, it "defines over 1200 of the most commonly used words in security field, with particular attention to those terms used most often in forensics, malware, viruses, vulnerabilities, and IPv6." Sections for each letter are marked stepwise on the edge of the pages for easy navigation of the dictionary.

Despite its modest self-description, the book is more than simply a dictionary; perhaps we can call it a teaching dictionary. Entries include not only definitions but also commentary. For example, the very first entry, "Abend / Application Crash" is as follows: "(derived from 'abnormal end') is where an applications program aborts, or terminated abruptly and unexpectedly. One of the prime reasons for thorough testing of an organization's application systems is to verify that the software works as expected. A significant risk to data is that, if an application crashes it can also corrupt the data file which was open at the time."

Some entries are extensive enough to qualify as short encyclopedia articles. For example, "Firewall" and "Firewall Code" extend over three pages and provide an overview of firewall types and applications extending even to suggestions on configuration. Similarly, "Intrusion Detection" has a helpful table of IDS-related vocabulary spanning four pages.

Many of the definitions are charmingly imaginative. For example, one definition begins, "Phishing is hacker lingo for fishing, whereby a million books are put into the water using Spam to see who bites."
Some of the entries are unusually blunt in conveying the editor's opinion - quite rare for a dictionary. For example, in the "phishing" entry, the author writes: "The above illustrates that privacy legislation in the USA may have little teeth if the courts do not protect invasion. If firms do what Chase did [selling clients' personal information to telemarketers], we will have many annoying calls during the early evening hours trying to sell us stuff we do not want. Then it becomes a pest[;] maybe what is needed is that the victim does not have to claim damages but that the violator would face stiff fines and criminal penalties."

The book includes about 25 pages of densely printed pointers to security reference materials including online databases, other dictionaries and encyclopedias, useful Web sites, laws, regulations, standards, best practices, tools, awareness materials and advisories.

There are some minor problems with this first edition; some of the English is a bit awkward and I did find a few entries with garbled text. In correspondence with me, Gattiker assured me that he has already started a list of corrections for a second edition. However, on the whole, I'm delighted to see Gattiker's work and look forward to a long print run and many future editions.
RELATED EDITORIAL LINKS

The Information Security Dictionary
http://www.amazon.com/exec/obidos/ASIN/1402078897/fusion0e/

Information Security This Week
http://security.weburb.org/frame/newsboard/other/newsboard.html

How best to patch: a debate
Network World Fusion, through 11/19/04
http://www.nwfusion.com/cgi-bin/forum/gforum.cgi?post=1964

Sesame opens up wireless guest access
Network World, 11/15/04
http://www.nwfusion.com/news/2004/111504sesame.html

Vendors uncrate single sign-on software
Network World, 11/15/04
http://www.nwfusion.com/news/2004/1115impriviata.html

Companies target IM, peer-to-peer threats
Network World, 11/15/04
http://www.nwfusion.com/news/2004/111504secure.html

To contact: M. E. Kabay

M. E. Kabay, Ph.D., CISSP, is Associate Professor in the Division of Business and Management at Norwich University in Northfield, Vt. Mich can be reached by e-mail <mailto:[EMAIL PROTECTED]> and his Web site <http://www2.norwich.edu/mkabay/index.htm>.
Copyright Network World, Inc., 2004
