* Overview of three-volume set of The Internet Encyclopedia
The Internet Encyclopedia is a valuable addition to any network professional’s or corporate library.
The encyclopedia’s editor-in-chief, Hossein Bidgoli is professor of management information systems at California State University in Bakersfield. He is also editor-in-chief of the _Encyclopedia of Information Systems_.
I have just received _The Internet Encyclopedia_ for review. This 2,635-page, three-volume work includes peer-reviewed contributions from more than 240 authors and more than 840 subject-expert reviewers. It was designed with the needs of both academics and working professionals in mind. A noteworthy feature is that everyone made a special effort to write simply and plainly so that even novices such as young students would be able to understand the articles.
Subject areas include:
* Applications
* Design, Implementation, And Management
* E-Commerce
* Foundation
* Infrastructure
* Legal, Social, Organizational, International, And Taxation Issues
* Marketing And Advertising On The Web
* Security Issues And Measures
* Supply-Chain Management
* Web Design And Programming
* Wireless Internet And E-Commerce
In addition to the articles on individual technologies such as Active Server Pages, Bluetooth, computer languages, e-commerce modalities, and so on, topics (and their authors) bearing directly on information assurance include at least the following:
* Authentication (Patrick McDaniel)
* Biometric Authentication (James L. Wayman)
* Computer Security Incident Response Teams (CSIRTs) (Raymond R. Panko)
* Computer Viruses And Worms (Robert Slade)
* Copyright Law (Gerald R. Ferrera)
* Cybercrime and Cyberfraud (Camille Chin)
* Denial-Of-Service Attacks (E. Eugene Schultz)
* Digital Identity (Drummond Reed and Jerry Kindall)
* Digital Signatures And Electronic Signatures (Raymond R. Panko)
* Disaster Recovery Planning (Marco Cremonini and Pierangela Samarati)
* Encryption (Ari Juels)
* Firewalls (James E. Goldman)
* Guidelines For Comprehensive Security System (Margarita Maria Lenk)
* International Cyberlaw (Julia Alpert Gladstone)
* Internet Security Standards (Raymond R. Panko)
* Intrusion Detection Techniques (Peng Ning and Shushil Jajodia)
* Law Enforcement (Robert Vaughn and Judith C. Simon)
* Legal, Social and Ethical Issues (Kenneth Einar Himma)
* Online Stalking (David J. Loundy)
* Passwords (Jeremy Rasmussen)
* Patent Law (Gerald Bluhm)
* Physical Security (Mark Michael)
* Privacy Law (Ray Everett-Church)
* Public-Key Infrastructure (PKI) (Russ Housley)
* Secure Electronic Transactions (SET) (Mark S. Merkow)
* Secure Sockets Layer (SSL) (Robert J. Boncella)
* Software Piracy (Robert K. Moniot)
* Trademark Law (Ray Everett-Church)
* Virtual Private Networks: Internet Protocol (IP) Based (David E. McDysan)
* Windows 2000 Security (E. Eugene Schultz)
Camille Chin, professor at West Virginia University College of Law, wrote an 11-page overview of cybercrime and cyberfraud. Chin writes beautifully – clear, assertive prose full of information. Her article reviews cybercrime definitions and statistics (I would have liked a brief warning about the difficulty of trusting non-scientific surveys) and then goes on to a remarkably informative and well structured summary of cybercrime, including:
* Cybercrime classifications
* Cybersabotage
– Trojan horses, viruses and worms
– Denial-of-service attacks
– Social engineering
* Cyberfraud
– Internet auction fraud
– Internet identity and credit card theft
– Internet investment fraud
I very much enjoyed reading this review and learned a good deal from Chin’s case studies. I particularly appreciated her succinct recommendations to readers for self-protection in each section.
The article on computer security incident response teams (CSIRT) was also especially interesting to me because of the series I am currently writing on that topic. I was pleased to find that the author is Professor Raymond Panko of the University of Hawaii at Manoa, a well-known author whose texts on data communications I have used for many years. In six pages of tightly written prose, Panko provides an excellent review of key issues and guidelines for CSIRTs. Topics include:
* Before the Incident
– Justifying the CSIRT
– Organizing the CSIRT
– Technology Base
– The Problem Of Communication
– The Decision To Prosecute
* During the Attack
– Discovery And Escalation
– Analysis
– Containment
– Recovery
– Protection Against Subsequent Attacks
* After the Attack
– Sanctions
– Postmortem Analysis
Each article in the Encyclopedia includes extensive glossaries, cross-references, and suggestions for further reading. My only complaint is that it doesn’t seem to be available (yet?) on CD-ROM. I hope the publisher will provide that option, which would make the work even more useful.
At $750 per set, this is not a casual purchase for most of us, but it is a reasonable investment for organizations with an IT staff, and a must for schools, colleges, universities and public libraries.
Note: I have no association with the publication reviewed other than gratitude for being given a free set for evaluation. What a perk for being a columnist!




