NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY 12/02/04 Today's focus: Matt Bishop's latest hit
Dear [EMAIL PROTECTED], In this issue: * Security authority Matt Bishop publishes another book * Links related to Security * Featured reader resource _______________________________________________________________ This newsletter is sponsored by SBC Dialing for Dollars CRATE & BARREL'S VOIP MOVE NETS SAVINGS AND FLEXIBILITY An apples-to-apples comparison showed that a centralized, software-based, IP-based platform could provide significant cost savings and productivity benefits over a comparable, traditional PBX system. Download whitepaper now, click here http://www.fattail.com/redir/redirect.asp?CID=88820 _______________________________________________________________ COMPREHENSIVE ENTERPRISE STORAGE INFORMATION Go to NW Fusion's Research Center for detailed information on enterprise storage. Find the latest breaking news, case studies, white papers, commentary, reviews and more. Topics on how ILM impacts your storage strategy, how to migrate to a new tape drive, how to link SAN islands and more are all found in the Research Center. Click here: http://www.fattail.com/redir/redirect.asp?CID=89340 _______________________________________________________________ Today's focus: Matt Bishop's latest hit By M. E. Kabay Matt Bishop has published a new version of his magisterial text _Computer Security: Art and Science_, which was originally published in 2002. Bishop is the equivalent of a rock star in the world of information assurance education. Professor in the Department of Computer Science at the University of California in Davis, he has contributed immensely to the field since the late 1970s and his early years at Purdue University, where he received his PhD in 1984. He's a wonderful speaker - I've had the pleasure of hearing him several times over the years - and I'm sure his students must be thrilled to be in his courses. As he explains in his introduction to the new _Introduction to Computer Security_, his earlier text is intended for students (and anyone else) interested in the mathematical foundations of information assurance. However, he writes, the new book "is suited for computer security professionals, students, and prospective readers who have a less formal mathematical background, or who are not interested in the mathematical formalisms and would only be distracted by them, or for courses with a more practical than theoretical focus." He adds, "some students learn best by an informal description of the subject. What is the intuition underlying the ideas and principles of the field? How does the practitioner apply these to improve the state-of-the-art? For these students, this version of the book is more appropriate." According to his preface, Bishop has three goals for his new text: * To show the interrelations between practice and theory - in ��both directions. * To distinguish between computer security and cryptography (he ��points out that cryptography is a set of tools to support ��information assurance but not a panacea). * "To demonstrate that computer security is not just a science ��but also an art" - by which he means that security can never be ��designed or implemented as a theoretical construct divorced from ��external reality. "Just as an artist paints his view of the ��world onto canvas," he writes, "so does the designer of security ��features articulate his view of the world of human/machine ��interaction in the security policy and mechanisms of the system. ��Two designers may use entirely different designs to achieve the ��same creation, just as two artists may use different subjects to ��achieve the same concept." Depending on a professor's needs, the new text can easily be used for a one- or two-semester course of study of information assurance. Each of the 29 chapters includes interesting problems for students. For example, Chapter 1 includes "Argue for or against the following proposition. Ciphers that the government cannot cryptanalyze should be outlawed. How would your argument change if such ciphers could be used provided that the users registered the keys with the government?" Chapter 18 includes, "Map the assurance requirements of the TCSEC [the _Trusted Computer Systems Evaluation Criteria_ or "Orange Book"]... to the assurance requirements of the CC [the Common Criteria]." The text also has supplements available online, including PowerPoint slides for every chapter, an instructor's guide (due by the end of December) and information on an answer key for selected exercises. I think that computer and network security practitioners will find the text a fine addition to their library. Well done, Matt! RELATED EDITORIAL LINKS Computer Security: Art and Science http://www.amazon.com/exec/obidos/ASIN/0201440997/fusion0e Introduction to Computer Security http://www.amazon.com/exec/obidos/ASIN/0321247442/fusion0e Bishop's home page http://nob.cs.ucdavis.edu/~bishop/ Supplementary materials for the new textbook http://nob.cs.ucdavis.edu/book-intro/index.html Profiling cybercrime: Network threats and defense strategies http://www.nwfusion.com/supp/2004/cybercrime/ Start-up uses software for WLAN IPS Network World, 11/29/04 http://www.nwfusion.com/news/2004/112904airtight.html _______________________________________________________________ To contact: M. E. Kabay M. E. Kabay, Ph.D., CISSP, is Associate Professor in the Division of Business and Management at Norwich University in Northfield, Vt. Mich can be reached by e-mail <mailto:[EMAIL PROTECTED]> and his Web site <http://www2.norwich.edu/mkabay/index.htm>. A Master's degree in the management of information assurance in 18 months of study online from a real university - see <http://www3.norwich.edu/msia> _______________________________________________________________ This newsletter is sponsored by SBC Dialing for Dollars CRATE & BARREL'S VOIP MOVE NETS SAVINGS AND FLEXIBILITY An apples-to-apples comparison showed that a centralized, software-based, IP-based platform could provide significant cost savings and productivity benefits over a comparable, traditional PBX system. Download whitepaper now, click here http://www.fattail.com/redir/redirect.asp?CID=88819 _______________________________________________________________ ARCHIVE LINKS Archive of the Security newsletter: http://www.nwfusion.com/newsletters/sec/index.html Breaking security news: http://www.nwfusion.com/topics/security.html _______________________________________________________________ FEATURED READER RESOURCE COMPREHENSIVE ENTERPRISE STORAGE INFORMATION Go to NW Fusion's Research Center for detailed information on enterprise storage. Find the latest breaking news, case studies, white papers, commentary, reviews and more. Topics on how ILM impacts your storage strategy, how to migrate to a new tape drive, how to link SAN islands and more are all found in the Research Center. Click here: <http://www.nwfusion.com/topics/storage.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
