Electronic Review of Computer Books


Vital Statistics

Title: Information Warfare and Security
Author: Dorothy E. Denning
Publisher: ACM Press (Addison-Wesley), Reading, Massachusetts, http://www.awl.com/cseng/
Copyright: 1999
ISBN: 0-201-43303-6
Pages: 522
Price: $34.95


Information Warfare and Security

Dorothy Denning is one of the world's most respected computer-security experts. She's also the author of the now-classic Cryptography and Data Security (Addison-Wesley, 1982) and a professor of computer science at Georgetown University. But if Denning ever wants to chuck it all and opt for an honest living of, say, writing horror stories, her most recent book, Information Warfare and Security, has all the source material she will ever need. Before reading half the book, I was ready to cancel my e-mail accounts, jettison my modems, cancel my credit cards, move what little money I have from the bank to my mattress, and head out for the Flint Hills.

You see, part of what Denning has done in "Information Warfare and Security" is chronicle what seems to be just about every breach in computer security over the past few years. Page after page of hacks, cracks, phreaks, and psyops by everyone from teenagers and thrill seekers to spies and nuts. Credit card numbers, passwords, bank accounts -- they're all fair game for anyone who is bright, persistent, online, and so inclined.

Not that it was Denning's intent simply to titillate us with one interesting or exciting story after another. Instead, her goal is to provide us with a comprehensive overview of what's become known as "information warfare." In defining this term, Denning relies on a definition supplied by Winn Schwartau in his book Information Warfare (Thunder's Mouth Press, 1996) whereby:

"Information warfare consists of those actions intended to protect, exploit, corrupt, deny, or destroy information or information resources in order to achieve a significant advantage, objective, or victory of a specific adversary or adversaries."

However, Denning doesn't stop there. She goes on to explain that she attempts to take the definition deeper, to

"... provide a theory of information warfare based on the value of information resources to an offense or defense... Information warfare is a 'win-lose' activity. It is about 'warfare' in the most general sense of conflict, encompassing certain types of crime as well as military operations."

To that end, Denning opens Information Warfare and Security with a description of the role of information warfare in the Gulf War. The brief history she presents is both interesting and exciting and immediately pulls you into the book. This chapter kicks off "Part I: Introduction" of the book, which covers other topics such as the author's theory of information warfare, and issues such as motivation and types of computer crime. From there, Denning moves to "Part II: Offensive Information Warfare" which addresses topics such as open source (no, not source code, but the information about all of us that is open and easily accessible), psyops ("psychological operations"), traitors and moles, corporate espionage, dumpster diving, shoulder surfing, phone phreaking, packet sniffers, e-mail forgeries, and much more. Finally, in "Part III: Defensive Information Warfare," Denning surveys the tools and techniques that enable individuals and organizations to protect themselves from attacks: cryptography, RSA, biometrics, digital signatures, trash disposal, firewalls, and the like.

Although Denning does explain the basics of topics such as public-key encryption in Part III, "Information Warfare and Security" isn't a technical book. Instead, it is perhaps the best single overview of the real-world security issues that you'll find. And what makes the book particularly interesting is that Denning puts the various types of computer cracking into the broader context of topics such as phone phreaking (hey, I always like to read about the exploits of Cap'n Crunch) and other forms of information warfare. In fact, it is hard to imagine how she was able to gather all of the incidents described and present them in a coherent manner that keeps you reading.

In all likelihood, "Information Warfare and Security" won't realize over time the "classic" status of "Cryptography and Data Security" (they're not the same kinds of books), but it is important as a comprehensive introductory survey of the challenges we face in the coming century.

-- Jonathan Erickson


Quick Rating

Readability: 4 Stars
Originality: 3 Stars
Organization: 4 Stars
Accuracy: 4 Stars
Consistency: 3 Stars
Depth: 3 Stars
Timeliness: 3 Stars
Editing: 3 Stars
Design: 3 Stars
Overall Value: 3 Stars

Explanation of ERCB rating scale: No stars = unacceptable, 1 Star = marginal, 2 Stars = average, 3 Stars = above average, 4 Stars = exceptional.


Copyright © 1998 Electronic Review of Computer Books
Created 12/13/1998 / Last modified 12/13/1998 / webmaster@ercb.com