BKPRSEIS.RVW   950321
 
"Protection and Security on the Information Superhighway", Frederick B. Cohen,
1995, 0-471-11389-1, U$32.50
%A   Frederick B. Cohen fc@all.net
%C   605 Third Avenue, New York, NY   10158-0012
%D   1995
%G   0-471-11389-1
%I   John Wiley & Sons, Inc.
%O   U$24.95/C$32.50 800-CALL-WILEY Fax: 212-850-6799 jdemarra@jwiley.com
%P   301
%T   "Protection and Security on the Information Superhighway"
 
Many will think that this book has to do with firewalls and other forms of
Internet security.  It doesn't.  Cohen, though he notes that the "Information
Superhighway" and "National Information Infrastructure" are proposals for
future development, in effect wishes to address any and all forms of
information technology.  This includes such a diverse function as fluency in a
foreign language.  With this breadth of scope, it is little wonder that the
book lacks focus.
 
Cohen appears to be concerned primarily in sounding a warning.  Some of his
points are quite apposite.  (I particularly liked, "Protection is something you
do, not something you buy.")  Most of the time, however, the warning sounds
like, "No, no, no!  You're doing it all wrong!"  There is very little that says
how to do it right.  Chapter two contains a list of possible attacks /
weaknesses, and chapter five has a (brief) list of tips to counter them.  Cohen
shows his lack of involvement here, by labelling this latter list, "A Piecemeal
Approach".  What he seems really interested in is getting you to hire a
"qualified" consultant.  Given the comments that he makes about vendors, the
government, and society in general, one suspects he could enumerate "qualified"
consultants on the fingers of one hand.  Or maybe with just one finger.
 
Although most security specialists will recognize the stories Cohen cites, and
despite his bibliography of over two hundred items, the average reader will
find sweeping statements backed up only by tangential and anecdotal comments.  
The work lacks the immediacy of "Computer Related Risks" (cf. BKCMRLRS.RVW),
the pedagogy and analytic values of "Digital Woes" (cf. BKDGTLWO.RVW) -- and
even the humour that Cohen himself has demonstrated  in "A Short Course on
Computer Viruses" (cf. BKSHRTVR.RVW).  Without these attributes, though, this
is only a pedestrian introduction to data security.
 
copyright Robert M. Slade, 1995   BKPRSEIS.RVW   950321

==============
Vancouver      roberts@decus.ca         | You realize, of
Institute for  Robert_Slade@sfu.ca      | course, that these
Research into  Rob.Slade@f733.n153.z1/  | new facts do not 
User                 .fidonet.org       | coincide with my
Security       Canada V7K 2G6           | preconceived ideas