BKNTSCES.RVW 20031210 "Network Security Essentials", William Stallings, 2000, 0-13-016093-8, U$48.00/C$75.81 %A William Stallings ws@shore.net %C One Lake St., Upper Saddle River, NJ 07458 %D 2000 %G 0-13-016093-8 %I Prentice Hall %O U$48.00/C$75.81 201-236-7139 fax: 201-236-7131 %O http://www.amazon.com/exec/obidos/ASIN/0130160938/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0130160938/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0130160938/robsladesin03-20 %P 366 p. %T "Network Security Essentials: Applications and Standards" The existence of this book is a bit odd, particularly in view of the fact that it shares so much material with Stallings' "Cryptography and Network Security." The (clear and structured) preface, however, states that the intent is to provide a practical survey of network security applications and standards, particularly those in widespread use. As with the earlier work, this book is intended to serve both as a textbook for an academic course of study, and as a self-study and reference guide for practicing professionals. There is reduced detail in regard to cryptography. Chapter one is an introduction, and provides a good list of basic concepts and vocabulary. It may not be completely apparent to all readers that the emphasis is on threats to data transmissions and there is limited review of attacks on functioning systems. Part one deals with cryptography. Chapter two covers symmetric block ciphers in fundamental but sound terms, illustrated by an explanation of DES (Data Encryption Standard). The logic is heavily symbolic at times, but that should not be an impediment to the reader. It is interesting that chapter three views asymmetric cryptography as an extension of message authentication codes, but the explanations are articulate, including both algebraic and numeric examples, although the numeric illustrations could be fuller. Part two deals with network security applications. Chapter four looks at authentication applications, concentrating on Kerberos and X.509. The examples of email security systems given in chapter five are PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extension). Security provisions for the Internet Protocol (IP) itself are reviewed in chapter six. Web security, in chapter seven, discusses SET (Secure Electronic Transaction) and SSL (Secure Sockets Layer). Chapter eight reviews SNMP (Simple Network Management Protocol) both in terms of network management for security purposes, and in regard to cryptography for authentication of the application itself. Part four outlines general system security. Intruders and malicious software are lumped together in chapter nine, with a reasonable outline of the types of malware, but not dealing as well with viruses themselves. (Activity Monitors are referred to as "third generation" tools, when they actually predate both signature scanners ["first generation"] and heuristics ["second generation"].) Chapter ten finishes off the book with a description of firewalls, but has a rather odd inclusion of basic access control and trusted systems. Each chapter ends with a set of recommended readings and problems. Many chapters also have appendices giving additional details of specific topics related to the subject just discussed. A very reasonable guide, although possibly less practical than it intended to be. copyright Robert M. Slade, 2003 BKNTSCES.RVW 20031210