• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Book Review - Wireless Security & Privacy

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles

View previous topic :: View next topic  
Author Message
b4rtm4n
Trusted SF Member
Trusted SF Member


Joined: 26 May 2002
Posts: 16777206
Location: Bi Mon Sci Fi Con

Offline

PostPosted: Thu Oct 09, 2003 3:45 pm    Post subject: Book Review - Wireless Security & Privacy Reply with quote

Wireless Security and Privacy
Best Practices and Design Techniques


Authors: Tara M. Swaminatha and Charles R. Elden
Publisher: Addison Wesley
Read Online: Wireless Security and Privacy
Book Specifications: Softcover, 304 pages
Category: Wireless and security concepts
User Level: Some prior knowledge of wireless technology and/or security concepts would be advantageous
Suggested Publisher Price: 39.99 USD, 62.99 CAN
ISBN: 0-201-76034-7
Amazon.co.uk: Wireless Security and Privacy
Amazon.com: Wireless Security and Privacy




From the back cover: "The trick to sound security is to begin early, know your threats,... design for security, and subject your design to thorough objective risk analyses and testing. This book will help."


Introduction

Wireless is the new player on the networking block and as such brings a whole new set of security issues. This book tries to bring awareness of the current wireless technologies and security principles to a target audience of wireless and security professionals.
Don’t think this is purely about wireless LANs though. Wireless technology stretches from the cellphone in your pocket, through Bluetooth, Blackberry, and 802.11 all of which have their unique attributes and vulnerabilities.


Content

Split into four sections each concentrating on a different area of security, there appears to be a small degree of repetition between some of the underlying chapters but this is easily explained as there is plenty of crossover between sections, and the authors have done well to keep the repetition to a minimum.
Being a small book it doesn't delve too deeply into each section but there is a good broad base of knowledge provided and, as you can see from the layout of the sections, there is a logical progression from establishing principles, through analysis and understanding of the systems involved, to case studies and designing solutions.

Part I

Establish a Foundation

Chapter 1 - Wireless Technologies - general principles of modern wireless communication
Chapter 2 - Security Principles - general security practises and concepts

Part II

Know your System

Chapter 3 - Technologies - the differring wireless technologies currently available - Bluetooth, WAP, 802.11
Chepter 4 - Devices - the physical and logical aspects of wireless devices - Cellphone, PDA, Blackberry, Laptop
Chapter 5 - Languages - detail of two wireless development languages WAP and J2ME

Part III

Protect your System

Chapter 6 - Cryptography - cryptographic principles and techniques - primitives, symetric & assymetric, cryptographic attacks
Chapter 7 - COTS - the pros and cons of Commercial Off The Shelf products - VPN, tunnuelling, authentication systems
Chapter 8 - Privacy - legal and profesional privacy issues from US only legislation

Part IV

I-ADD

Chapter 9 - Identify Targets and Roles - an exhaustive search for potential targets and identifying the
individuals that may attempt to compromise the identified targets
Chapter 10 - Analyze Attacks and Vulnerabilities - known attacks, vulnerabilities, and theoretical attacks
Chapter 11 - Analyze Mitigations and Protections - how to build security into the system
Chapter 12 - Define and Design - design securesolutions for the case studies


Style and Detail

This is a nice informative book. But given its size it is unable to delve as deeply into some of the topics as I would have preferred, especially the underlying technology of cellular phones (GPRS and GSM were noticeable in their absence). There are many other references available to the reader determined to find out more.
That being said it is well written in a clear easy to understand yet professional style and makes good use of diagrams to highlight areas where a prose description isn't quite adequate. The cryptography chapter is outstanding (covering the crypto basics with some excellent diagrams and some basic math for RSA, discrete logarythms, and elliptic curve) and the sections on best security principles and practises make it a worthy companion book for anyone setting out on the IT security career path even if wireless security is not your field.


Conclusion

I enjoyed reading this book and although it'll never make you an expert in any of the fields covered there is more than enough content to make you aware of the issues involved in deploying any wireless technology securely and give you a solid grounding in best principles and practises of security.

I just wish I had it several months ago when studying for the Security + as the two areas I had to work hardest at were wireless and cryptography.


I rate this 8/10 (the omission of GPRS & GSM cost the book a higher score)




This review is copyright 2003 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register