- Email: [email protected]
SEC'83
Book Reuiews
Structured systems analysis and design: an overview; Problem definition and logical design; The feas&ility study; Systems analysis; Implementation and maintenance, 17te mo&ly ~~~~~~~systent: The problem description; ~ia~fying the problem d~~ption~ de~nition~ The feasibility study; Systems analysis; Structured program design; Developing an implementation plan. An online games md ~~fa~~at~ons_vstem: The problem desicription; Some technical background; Clarifying the problem description: definition; The feasibility study: Systems analysis; Structured program design; Developing an implementation plan. 7%~ toolsLrftk mw&st: Structured wa~kthroughs and formal inspections; Data flow diagrams; Wamier/Orr diagrams; HIPO; Pseudo code; Decision trees; Systems flowcharts; The data dictionary; PERT/CPM; File design and space estimates; Forms design and report design; Security, backup, and audit trails. H.M. Deitel: An Introduction to Operating Systems. Addison-Wesley, U.S.A., 1983, 700 pages, ISBN O-201-14473-S. It’s easy to stay ‘up-to-the-minute’ in the rapidIy-changing field of operating systems with this new book. It offers complete coverage, exceptional readability, and the latest innovation - network operating systems, systems security, and software engineering. Part Eight of the book contains topical case studies on UNIX, VAX, CP/‘M, MVS, and VM. The presentation is thorough, accurate, and attention-getting. The book is also fully illustrated with over 200 pieces of art, 100 charts, tables and program listings, This is the first new book in this field in quite a few years. Contents: Part One - introduction. Introduction: Hardware, Software, and Firmware. Part Two - Prucess Management. Process Concepts; Asynchronous noncurrent Processes; Monitors; Deadlock. Part Three - Storage Management. Real Storage; Virtual Storage organizations Virtual Storage Management. Part Four - Processor management. Job and Processor Scheduling; Multiprocessing. Part Five - Auxiliary Storage Management. Disk Scheduling; File Systems. Part Six - Performance. Performance Evaluation; Ana-
455
lytic Modeling. Part SCWW-. Networks, Security, and Software Engineering. Systems; Operating Systems Systems and Software &#tt - Case Studies. UNIX. MVS. VM. Index.
Network Operating Security; Operating Engineering. Pa;lrr VAX/VMS. CP/M.
V. Fak (Editor): Security, IFfP / SEC’8.3, North-Holland, Amsterdam, 1983, 300 pages, Dfl. 95.00, ISBN O-444-86669-8. This book contains the proceedings of the First IFIP SEC’83 conference on Security, held in Stockholm 16-19 May 1983. The topics at the conference mirror the state-of-the-art in areas of interest for computer security analysis and other professionally involved in security work. The overall security of computer systems is concerned with the following main objectives; (1) to keep error rates within limits; (2) to detect and isolate the effects of disturbances or errors; (3) to prevent unauthorized access to the system; (4) to prevent abuse of the system. The papers presented at the conference are distributed in several sections: Security rna~la~ernent~which is the art of knowing what is in the toolbox and when to apply the different tools. It is also the art of knowing what has been done, what the effects are, and what should be done next (3 papers). EDP Security: a public concern. Society’s vulnerability due to computeri~tion has become a common subject of discussion, Privacy is another important issue (5 papers). Access controf: Access to data and computational services can be controlled by different methods. The papers deal with the logical computer oriented aspects (6 papers). Office information sysrems: The distribution of both computer information systems development and responsibility makes it necessary to distribute security measures too (3 papers). Fariiity protectiorr: Computers are valuable in themseives, vital to the climate sensitive, dependent on organization, power supply quantity, targets for terrorists, keepers of secrets and ‘electronic money’ etc. These characteristics call for special skills in facility protection (2 papers). Educatio!?: ?kCUrity analysis must learn to do their job properly. Computer professionals and end users must know their rc-
sponsibi~ity (3 papers). Risk ~u~ag~~~nt~ The analysis of risk and the evaluation of measures to
K.H. Kim and F.W. Roush: Ap&d Abstracr Al&= bra. Wiley, England, 265 pages, f25,oO. KBN t&
contain them are very important (4 papers). At.&-
853115633. This book is an intr~uction to abstract algebra at undergraduate students level. It approaches the subject from a broad non math~mat~c~~viewpoint, Distinctive features of the text indude the following: (I) It emphasizes reiat~ona~st~ctures as well cts operational structures. A un~fi~ approach is given by the parallel tr~tment of basic ideas valid for all types of structures. (2) The book is comprehensive in treating important topics not usu~~y emphasized, and the different results are interwoven in a way that reveals the interconnections between the various concepts. (3) It is written in a down-t~~arth styb, with examples giving simpk illustration of most concepts. (4) Xt is organized into a few chapters dealing with major areas of abstract aigebra, such as groups or rings, these being devided into many sections which can be covered in 1-3 lectures. (S) It contains exercises graded in three levels in order to accommodate students with varying mathen~atica~background. (6) The book contains applications to many areas which ihustrate the usefulness of abstract algebra. (7) It contains some very important open problems itI algebra for which students can understand the problem after this course. This wilf give some indication of what research is like in mathematics. Contents: Preface, Ch. 1: Sets and binary relations: Ch. 2: Se~grou~s and groups; Ch. 3: Vector spaces; Ch. 4: Rings; Ch. S: Group representations: Ch. 6: Field theory; Open problems, List of special symbols; References. Index.
hg: Auditors have always been a security resource and this is no less true in the computer age. Close
cooperation between auditors and security analysts is necessary (2 papers). C~~~ug~~~~~:is an old security technique for information. nowadays it is closely connected to computers. It offers the only protection against ~re.ta~ping, change of data in transfer and other threats. Its use in computer systems has created both uew problems and new ideas (6 papers), ~~~~~~2e~~y p~a~~~~g~There is no absolute security, thus there must be a con~ngency glan in order to ensure the survival of ah vita1 actjvjties (2 papers). Cmputers and the Ir;rw:Criminal activity is the cLassical security threat. Laws are no longer applicable, or they mean so~~et~~~
different in our compute~zed world. They should hc adjusted and their inte~retation adapted to a sjtuation which has changed considerably (2 paprrs). GM. Gotub and CF. van Loan: matrix C~~l~~t~~ zismBOxford Academic Press, Ensland, 1984, Hard fSBN ~-~~36-~.?, ~35.00; Soft LSBNO-9465369 M-8, lElt 9.50. The authors combjne the uncfuttered prcsel~~a~ tion and problem-solving opportunities of a fine textbook with the detained b~b~~ographjesand strong algorithmic context required by professional readers. While discussing such general principies as the exploitation of structure, reliance on vrthogonaJ transformations~ and the assessment of probiem sensitivity, the authors touch on numerous specifics, including Toeplitz systems, Vander~onde systems, constrained least squares, genera~~ed eigenvatue problems, and matrix function prublems. Of particular interest are the author’s discus* sions in depth of singular vafue decon~posit~on and its varied applications, th* pedagogic-derivations of the QR aIgorjthm. and a survey of Lanczos and conjugate gradient techniques. Students. computer scientists, computer engineers and the mathematician interested in numerical ana~ysj~ will atl use this book as a reference.
~eginnjng at the gate tevel, this book builds, components hierarchically. After each new eie
ment is defined {with an interface and a functions its operation is explained by examining aIternatives for its internal structure. Two sample
Structured systems analysis and design: an overview; Problem definition and logical design; The feas&ility study; Systems analysis; Implementation and maintenance, 17te mo&ly ~~~~~~~systent: The problem description; ~ia~fying the problem d~~ption~ de~nition~ The feasibility study; Systems analysis; Structured program design; Developing an implementation plan. An online games md ~~fa~~at~ons_vstem: The problem desicription; Some technical background; Clarifying the problem description: definition; The feasibility study: Systems analysis; Structured program design; Developing an implementation plan. 7%~ toolsLrftk mw&st: Structured wa~kthroughs and formal inspections; Data flow diagrams; Wamier/Orr diagrams; HIPO; Pseudo code; Decision trees; Systems flowcharts; The data dictionary; PERT/CPM; File design and space estimates; Forms design and report design; Security, backup, and audit trails. H.M. Deitel: An Introduction to Operating Systems. Addison-Wesley, U.S.A., 1983, 700 pages, ISBN O-201-14473-S. It’s easy to stay ‘up-to-the-minute’ in the rapidIy-changing field of operating systems with this new book. It offers complete coverage, exceptional readability, and the latest innovation - network operating systems, systems security, and software engineering. Part Eight of the book contains topical case studies on UNIX, VAX, CP/‘M, MVS, and VM. The presentation is thorough, accurate, and attention-getting. The book is also fully illustrated with over 200 pieces of art, 100 charts, tables and program listings, This is the first new book in this field in quite a few years. Contents: Part One - introduction. Introduction: Hardware, Software, and Firmware. Part Two - Prucess Management. Process Concepts; Asynchronous noncurrent Processes; Monitors; Deadlock. Part Three - Storage Management. Real Storage; Virtual Storage organizations Virtual Storage Management. Part Four - Processor management. Job and Processor Scheduling; Multiprocessing. Part Five - Auxiliary Storage Management. Disk Scheduling; File Systems. Part Six - Performance. Performance Evaluation; Ana-
455
lytic Modeling. Part SCWW-. Networks, Security, and Software Engineering. Systems; Operating Systems Systems and Software &#tt - Case Studies. UNIX. MVS. VM. Index.
Network Operating Security; Operating Engineering. Pa;lrr VAX/VMS. CP/M.
V. Fak (Editor): Security, IFfP / SEC’8.3, North-Holland, Amsterdam, 1983, 300 pages, Dfl. 95.00, ISBN O-444-86669-8. This book contains the proceedings of the First IFIP SEC’83 conference on Security, held in Stockholm 16-19 May 1983. The topics at the conference mirror the state-of-the-art in areas of interest for computer security analysis and other professionally involved in security work. The overall security of computer systems is concerned with the following main objectives; (1) to keep error rates within limits; (2) to detect and isolate the effects of disturbances or errors; (3) to prevent unauthorized access to the system; (4) to prevent abuse of the system. The papers presented at the conference are distributed in several sections: Security rna~la~ernent~which is the art of knowing what is in the toolbox and when to apply the different tools. It is also the art of knowing what has been done, what the effects are, and what should be done next (3 papers). EDP Security: a public concern. Society’s vulnerability due to computeri~tion has become a common subject of discussion, Privacy is another important issue (5 papers). Access controf: Access to data and computational services can be controlled by different methods. The papers deal with the logical computer oriented aspects (6 papers). Office information sysrems: The distribution of both computer information systems development and responsibility makes it necessary to distribute security measures too (3 papers). Fariiity protectiorr: Computers are valuable in themseives, vital to the climate sensitive, dependent on organization, power supply quantity, targets for terrorists, keepers of secrets and ‘electronic money’ etc. These characteristics call for special skills in facility protection (2 papers). Educatio!?: ?kCUrity analysis must learn to do their job properly. Computer professionals and end users must know their rc-
sponsibi~ity (3 papers). Risk ~u~ag~~~nt~ The analysis of risk and the evaluation of measures to
K.H. Kim and F.W. Roush: Ap&d Abstracr Al&= bra. Wiley, England, 265 pages, f25,oO. KBN t&
contain them are very important (4 papers). At.&-
853115633. This book is an intr~uction to abstract algebra at undergraduate students level. It approaches the subject from a broad non math~mat~c~~viewpoint, Distinctive features of the text indude the following: (I) It emphasizes reiat~ona~st~ctures as well cts operational structures. A un~fi~ approach is given by the parallel tr~tment of basic ideas valid for all types of structures. (2) The book is comprehensive in treating important topics not usu~~y emphasized, and the different results are interwoven in a way that reveals the interconnections between the various concepts. (3) It is written in a down-t~~arth styb, with examples giving simpk illustration of most concepts. (4) Xt is organized into a few chapters dealing with major areas of abstract aigebra, such as groups or rings, these being devided into many sections which can be covered in 1-3 lectures. (S) It contains exercises graded in three levels in order to accommodate students with varying mathen~atica~background. (6) The book contains applications to many areas which ihustrate the usefulness of abstract algebra. (7) It contains some very important open problems itI algebra for which students can understand the problem after this course. This wilf give some indication of what research is like in mathematics. Contents: Preface, Ch. 1: Sets and binary relations: Ch. 2: Se~grou~s and groups; Ch. 3: Vector spaces; Ch. 4: Rings; Ch. S: Group representations: Ch. 6: Field theory; Open problems, List of special symbols; References. Index.
hg: Auditors have always been a security resource and this is no less true in the computer age. Close
cooperation between auditors and security analysts is necessary (2 papers). C~~~ug~~~~~:is an old security technique for information. nowadays it is closely connected to computers. It offers the only protection against ~re.ta~ping, change of data in transfer and other threats. Its use in computer systems has created both uew problems and new ideas (6 papers), ~~~~~~2e~~y p~a~~~~g~There is no absolute security, thus there must be a con~ngency glan in order to ensure the survival of ah vita1 actjvjties (2 papers). Cmputers and the Ir;rw:Criminal activity is the cLassical security threat. Laws are no longer applicable, or they mean so~~et~~~
different in our compute~zed world. They should hc adjusted and their inte~retation adapted to a sjtuation which has changed considerably (2 paprrs). GM. Gotub and CF. van Loan: matrix C~~l~~t~~ zismBOxford Academic Press, Ensland, 1984, Hard fSBN ~-~~36-~.?, ~35.00; Soft LSBNO-9465369 M-8, lElt 9.50. The authors combjne the uncfuttered prcsel~~a~ tion and problem-solving opportunities of a fine textbook with the detained b~b~~ographjesand strong algorithmic context required by professional readers. While discussing such general principies as the exploitation of structure, reliance on vrthogonaJ transformations~ and the assessment of probiem sensitivity, the authors touch on numerous specifics, including Toeplitz systems, Vander~onde systems, constrained least squares, genera~~ed eigenvatue problems, and matrix function prublems. Of particular interest are the author’s discus* sions in depth of singular vafue decon~posit~on and its varied applications, th* pedagogic-derivations of the QR aIgorjthm. and a survey of Lanczos and conjugate gradient techniques. Students. computer scientists, computer engineers and the mathematician interested in numerical ana~ysj~ will atl use this book as a reference.
~eginnjng at the gate tevel, this book builds, components hierarchically. After each new eie
ment is defined {with an interface and a functions its operation is explained by examining aIternatives for its internal structure. Two sample