Review: The Internet Encyclopedia

Opinion
Jun 15, 20044 mins

* Overview of three-volume set of The Internet Encyclopedia

The Internet Encyclopedia is a valuable addition to any network professional’s or corporate library.

The encyclopedia’s editor-in-chief, Hossein Bidgoli is professor of management information systems at California State University in Bakersfield. He is also editor-in-chief of the _Encyclopedia of Information Systems_.

I have just received _The Internet Encyclopedia_ for review. This 2,635-page, three-volume work includes peer-reviewed contributions from more than 240 authors and more than 840 subject-expert reviewers. It was designed with the needs of both academics and working professionals in mind. A noteworthy feature is that everyone made a special effort to write simply and plainly so that even novices such as young students would be able to understand the articles.

Subject areas include:

* Applications

* Design, Implementation, And Management

* E-Commerce

* Foundation

* Infrastructure

* Legal, Social, Organizational, International, And Taxation Issues

* Marketing And Advertising On The Web

* Security Issues And Measures

* Supply-Chain Management

* Web Design And Programming

* Wireless Internet And E-Commerce

In addition to the articles on individual technologies such as Active Server Pages, Bluetooth, computer languages, e-commerce modalities, and so on, topics (and their authors) bearing directly on information assurance include at least the following:

* Authentication (Patrick McDaniel)

* Biometric Authentication (James L. Wayman)

* Computer Security Incident Response Teams (CSIRTs) (Raymond R. Panko)

* Computer Viruses And Worms (Robert Slade)

* Copyright Law (Gerald R. Ferrera)

* Cybercrime and Cyberfraud (Camille Chin)

* Denial-Of-Service Attacks (E. Eugene Schultz)

* Digital Identity (Drummond Reed and Jerry Kindall)

* Digital Signatures And Electronic Signatures (Raymond R. Panko)

* Disaster Recovery Planning (Marco Cremonini and Pierangela Samarati)

* Encryption (Ari Juels)

* Firewalls (James E. Goldman)

* Guidelines For Comprehensive Security System (Margarita Maria Lenk)

* International Cyberlaw (Julia Alpert Gladstone)

* Internet Security Standards (Raymond R. Panko)

* Intrusion Detection Techniques (Peng Ning and Shushil Jajodia)

* Law Enforcement (Robert Vaughn and Judith C. Simon)

* Legal, Social and Ethical Issues (Kenneth Einar Himma)

* Online Stalking (David J. Loundy)

* Passwords (Jeremy Rasmussen)

* Patent Law (Gerald Bluhm)

* Physical Security (Mark Michael)

* Privacy Law (Ray Everett-Church)

* Public-Key Infrastructure (PKI) (Russ Housley)

* Secure Electronic Transactions (SET) (Mark S. Merkow)

* Secure Sockets Layer (SSL) (Robert J. Boncella)

* Software Piracy (Robert K. Moniot)

* Trademark Law (Ray Everett-Church)

* Virtual Private Networks: Internet Protocol (IP) Based (David E. McDysan)

* Windows 2000 Security (E. Eugene Schultz)

Camille Chin, professor at West Virginia University College of Law, wrote an 11-page overview of cybercrime and cyberfraud. Chin writes beautifully – clear, assertive prose full of information. Her article reviews cybercrime definitions and statistics (I would have liked a brief warning about the difficulty of trusting non-scientific surveys) and then goes on to a remarkably informative and well structured summary of cybercrime, including:

* Cybercrime classifications

* Cybersabotage

– Trojan horses, viruses and worms

– Denial-of-service attacks

– Social engineering

* Cyberfraud

– Internet auction fraud

– Internet identity and credit card theft

– Internet investment fraud

I very much enjoyed reading this review and learned a good deal from Chin’s case studies. I particularly appreciated her succinct recommendations to readers for self-protection in each section.

The article on computer security incident response teams (CSIRT) was also especially interesting to me because of the series I am currently writing on that topic. I was pleased to find that the author is Professor Raymond Panko of the University of Hawaii at Manoa, a well-known author whose texts on data communications I have used for many years. In six pages of tightly written prose, Panko provides an excellent review of key issues and guidelines for CSIRTs. Topics include:

* Before the Incident

– Justifying the CSIRT

– Organizing the CSIRT

– Technology Base

– The Problem Of Communication

– The Decision To Prosecute

* During the Attack

– Discovery And Escalation

– Analysis

– Containment

– Recovery

– Protection Against Subsequent Attacks

* After the Attack

– Sanctions

– Postmortem Analysis

Each article in the Encyclopedia includes extensive glossaries, cross-references, and suggestions for further reading. My only complaint is that it doesn’t seem to be available (yet?) on CD-ROM. I hope the publisher will provide that option, which would make the work even more useful.

At $750 per set, this is not a casual purchase for most of us, but it is a reasonable investment for organizations with an IT staff, and a must for schools, colleges, universities and public libraries.

Note: I have no association with the publication reviewed other than gratitude for being given a free set for evaluation. What a perk for being a columnist!