5.0 out of 5 stars
Book Succeeds At Daunting Task, December 31, 2005
It would be a daunting task to put together a book to cover all areas of information security in a single, comprehensive reference work. Perhaps that is why it has not been done. Until now. On December 30, 2006, John Wiley and Sons will release the Handbook of Information Security (2005, edited by Hossein Bidgoli et al., 3366 pages). With contributions from 240 contributors and extensive peer review by over 1,000 others, this book should be the definitive reference manual that sits in the office of every information technology auditor, as well as every information technology security professional who needs information without extensive digging. In fact, this three-volume set might easily replace many other security titles that have not been through as extensive a peer review process.
This is not to say that information may quickly become dated as technology evolves (and as I found in one section on instant messaging). This being said, this initial review will provide an overview and synopsis of Volume I: Key Concepts, Infrastructure, Standards, and Protocols.
Volume I is broken down into three parts, as follows:
Part 1: Key Concepts and Applications Related to Information Security
* Internet Basics
* Digital Economy
* Online Retail Banking: Security Concerns, Breaches, and Controls
* E-Mail and Instant Messaging
* Internet Relay Chat
* Online Communities
* Groupware: Risks, Threats, and Vulnerabilities In The Internet Age
* Search Engines: Security, Privacy, and Ethical Issues
* Web Services
* Electronic Commerce
* EDI Security
* Electronic Payment Systems
* Intranets: Principles, Privacy, and Security Considerations
* Extranets: Applications, Development, Security, and Privacy
* Business-to-Business Electronic Commerce
* Click-and-Brick Electronic Commerce
* Mobile Commerce
* E-Education and Information Privacy and Security
* Security in E-Learning
* E-Government
* E-Government Security Issues and Measures
* International Security Issues of E-Government
Part 2: Infrastructure for the Internet, Computer Networks, and Secure Information Transfer
* Conducted Communication Media
* Routers and Switches
* Radio Frequency and Wireless Communications Security
* Wireless Channels
* Security in Circuit, Message, and Packet Switching
* Digital Communication
* Local Area Networks
* Wide Area and Metropolitan Area Networks
* Home Area Networking
* Public Network Technologies and Security
* Client/Server Computing: Principles and Security Considerations
* Peer-to-Peer Security
* Security Middleware
* Internet Architecture
* TCP/IP Suite
* Voice-over Internet Protocol (VoIP)
* Security and Web Quality of Service
* Mobile Devices and Protocols
* Bluetooth Technology
* Wireless Local Area Networks
* Security in Wireless Sensor Networks
* Cellular Networks
* Mobile IP
* IP Multicast and Its Security
* TCP over Wireless Networks
* Air Interface Requirements for Mobile Data Services
* Wireless Internet: A Cellular Perspective
* Security of Satellite Networks
* Ad Hoc Network Security
Part 3: Standards and Protocols for Secure Information Transfer
* Standards for Product Security Assessment
* Digital Certificates
* Internet E-Mail Architecture
* PKI (Public Key Infrastructure)
* S/MIME (Secure MIME)
* PGP (Pretty Good Privacy)
* SMTP (Simple Mail Transfer Protocol)
* Internet Security Standards
* Kerberos
* IPsec: AH and ESP
* IPsec: IKE (Internet Key Exchange)
* Secure Sockets Layer (SSL)
* PKCS (Public Key Cryptography Standards)
* Public Key Standards: Secure Shell
* Security and the Wireless Application Protocol
* Wireless Network Standards and Protocol (802.11)
* P3P (Platform for Privacy Preferences Project)
Why I Like This Book
The publisher of this book went to great lengths to provide diverse, complete and fully reviewed content. The authors are drawn from the private sector, two- and four-year teaching colleges, major research universities, the military, and the private sector. In addition, the names of every person who provided a peer review, as well as their organizations, are listed in each volume. Unlike many books I have reviewed lately, these are clearly based on documented research, and each topic also provides an extensive list of references and resources that may be consulted if need be. In short, the publisher has set a new standard for books on information security.
The Problem I Found and Why It is a Challenge
The information technology landscape is constantly shifting and changing. For that reason, it is hard to ensure that the content of a book is current. The specific problem I found was the mention of America Online (AOL) offering an enterprise-strength version of AOL Instant Messenger for corporations. The only problem with this is that AOL discontinued its enterprise offering in June of 2004. I am not sure, given the size of this project, that this could have been caught, but the author of that section should have caught it and self-corrected it. This is one example of the challenges to the long-term usefulness of this book. The publisher needs to find a way to easily publish errata and/or addenda as things change so that the book stays relevant.
What I Would Like to Have Seen
It would have been good if the book also shipped with a CD containing an online, encyclopedia-type version of the content so that organizations could license it for their enterprise (think larger information technology audit shops here), and so that consultants and auditors could have quick and easy access to information when they are on the road. Hopefully the publisher will look at this option sooner rather than later.
The Scorecard
Double Eagle on a long par 5 playing into the wind (to win the tournament)