Tuesday, May 28, 2013

Principles of Distributed Database Systems 3rd edition, M. Tamer Özsu



From the reviews of the third edition: “This is an excellent book that provides an in-depth overview of all issues related to distributed data management. … Each chapter … ends with a conclusion that provides a nice summary and additional reflections, as well as bibliographic notes. … The book ends with an extensive list of references and an index. … Instructors of advanced database courses could use this book as a textbook. It would also interest researchers on topics related to distributed data management. I highly recommend this excellent book.” (Sergio Ilarri, ACM Computing Reviews, August, 2011)

I've been using this book since its 2nd edition in my "Distributed & Parallel Database" grad and undergrad courses and I really like the way it is structured and the commented Bibliographic Notes, which closes every chapter.
In these days of Big Data Analysis, Map/Reduce and Hadoop programming I find it even more important to settle the basis for data partitioning, data replication, reliability, data parallelism and data-flow optimization. These concepts are very well defined and are not restricted to DBMS. The 3rd Edition also contributes with distributed data management issues in cloud computing. The companion presentation slides also make my life much easier.

This is a very useful book. Despite the name, this book is covering the principles of many fundamental techniques that one has to master to architect cloud data management solutions. It is a must-read for those people interested in mastering this area. It covers the foundations for distributed data management providing a very good coverage of the main techniques and providing pointers to the most relevant papers on each area to go deeper when needed.

It covers the class I teach. Clear writing, concepts and theory well defined, detailed algorithms and architectures, good illustrative examples. If you need to understand what's going on, it is the good choice. If you intend to build up a system, you'll have to supplement with more specific readings about existing systems.

A perfect companion for students and more generally for any person interested in distributed databases.

We already use the second edition of ozsu-valuriez's book for our courses on distributed databases at UPMC. With the new topics covered by this third edition (P2P systems and Web data management for instance), it covers all major topics we need for our courses. The major concept that are imperative are the following : distributed databases design, distributed query optimization and distributed transaction management, since those concepts appear in every kind of distributed data management approach.
I particularly appreciate the fact that basic database concepts are introduced and explained, before dealing specific issues related with data distribution. This makes the book self-contained, which is economically interesting.
Figures and examples are clear, the text does not include noisy information (as some books do). As already mentioned, the book can serve for beginners (as it includes basic concepts) but also references and citation help interested readers to go beyond the presented materials. Particularly, I like the formalism which is always at a good level of granularity and the examples that illustrate very well the issues.

A typical database course should cover design aspects, query processing, and transaction management. My course is structured along these lines and the book provides the coverage I need. I find all three topics: design, query processing, and transaction management, equally challenging. They all involve conceptual understanding and algorithmic depth.

Generally speaking, the authors did a good job in compiling multiple research efforts into a coherent textbook. The textbook has a leading (rather simple) case study example that serves well in tying together different research efforts. At times, this effort trivializes matters and this is where I, as an instructor, should step in and provide some additional explanation. The manuscript provides a good depth in both conceptual and algorithmic solutions. The use of examples throughout improves understanding a lot, especially for undergrads. The example is mostly clear.

This textbook is the only textbook I know of that provides technical depth for the area of distributed databases. This is important when teaching engineering students.

Product Details :
Hardcover: 866 pages
Publisher: Springer; 3rd ed. 2011 edition (March 2, 2011)
Language: English
ISBN-10: 1441988335
ISBN-13: 978-1441988331
Product Dimensions: 6.1 x 1.8 x 9.2 inches

More Details about Principles of Distributed Database Systems 3rd edition

or

Download Principles of Distributed Database Systems 3rd edition PDF Ebook

Posted by at No comments:
Labels: ,

Know Your Enemy: Learning about Security Threats 2nd Edition, Honeynet Project The



Most of the time, your only close-up view of a computer attack is trying to sort out how someone compromised your production system. But there is a way to get hands-on experience with attack analysis, and Know Your Enemy - Learning About Security Threats by The Honeynet Project (Addison-Wesley) shows you how.

The chapter breakout: The Beginning; Honeypots; Honeynets; Gen1 Honeynets; Gen2 Honeynets; Virtual Honeynets; Distributed Honeynets; Legal Issues; The Digital Crime Scene; Network Forensics; Computer Forensics Basics; UNIX Computer Forensics; Windows Computer Forensics; Reverse Engineering; Centralized Data Collection and Analysis; Profiling; Attacks and Exploits: Lessons Learned; Windows 2000 Compromise and Analysis; Linux Compromise; Example of Solaris Compromise; The Future; IPTables Firewall Script; Snort Configuration; Swatch Configuration; Network Configuration Summary; Honeywall Kernel Configuration; Gen2 rc.firewall Configuration; Resources and References; About The Authors; Index

If you're not familiar with the concept, a honeypot is a computer set up to gain the attention of network intruders. The concept is that the intruder will spend time with that box and leave the rest of the network alone. A honeynet is the same thing but only at a network level. The authors of this book are experts at setting up these kind of systems in order to see how attackers work and discover new exploits before they are used against actual production systems. They take you through all the different parts of the process; how to set up a honeypot/honeynet, how to analyze an attack, what legal considerations have to be kept in mind, and examples of exploits that actually were recorded and analyzed.

While there are plenty of books that talk about computer security, there are few that show you how to take the offensive and learn first-hand how to analyze and understand real-life attacks. This is a unique offering that will have high appeal for the security professional looking for in-depth understanding of the attacker mindset.

One of most exciting areas to emerge in information security has been in the area of honeynets. These are networks designed to be compromised and capture all of the tools and activity of attackers
The Honeynet Project is a volunteer organization dedicated to researching and learning cyber-threats, and sharing our lessons learned. The project is made up of 30 security professionals around the world. They learn about cyber-threats by deploying networks around the world to be compromised. Once compromised, they capture all of the attacker's tools and activity, analyze, and learn from that. The value to this research is there is very little theory involved, they are capturing and seeing what is happening in the Internet today.
Very neat!

A honeynet is the primary tool used to capture attacker's activity. It is a type of honeypot, specifically a high-interaction honeypot. As a honeypot, honeynets work on the concept that they should not see any activity, no one has authorization to interact with them. As a result, any inbound or outbound connections to the honeynet is most likely unauthorized activity. This simple concept makes it highly effective in detecting and capturing both known and unknown activity. Honeynets work as a highly controlled network made up of real systems and applications for attackers to probe and compromise.

The book is about honeynets, how to use them, and what you can learn. The book is broken into three parts. The first part is focused on what honeynets are, how they work, the different types, and technical details on how you can deploy them safely. The second part focuses on how to analyze all the different data a honeynet can collect (network and host based forensics, reverse engineering, centralized data correlation, etc). The third part is specific examples of several honeynets being hacked, including Win2000, Linux, and Solaris. What makes the book so interesting is it ties all these different elements together. You can learn more at http://www.honeynet.org/book/

The book was not written by a single individual, but by leading experts in their field. They attempted to combine the best experiences and skills from some of the leading individuals. The book was organized by the Honeynet Project, but the contributing authors include members of the Honeynet Research Alliance, individuals from the Department of Justice, and others who have helped us in the past and wanted to contribute. Some examples of authors include Honeynet Project members Brian Carrier who wrote several chapters and Max Kilger who wrote about profiling. Honeynet Research Alliance members include the work of the Greek Honeynet Project writing about hacked Linux systems, and the Mexican Honeynet Project writing about hacked Solaris systems. They also had outside experts help out, including Richard Salgado of the DoJ author about legal issues, and Dion Mendel from Australia write about Reverse Engineering.

-- To defend against your threats, you have to first know who your enemy is -- I recommend this book!

This is a fascinating read about how understanding hacking, from gathering the data, to the forensic analysis. The second part, on the forensic analysis is very detailed and well written.

The root idea is very simple, put an attractive target on the Internet, wait until it's hacked (and it will be), and then analyze the attack. The first part of the book covers the construction of these attractive 'honeypots'. The second part covers how to analyze the inevitable attack. The third part, which is the most high level, is about the culture of hacking and hackers.

I would recommend this book to anyone involved in securing systems on the open internet who has a good understanding of the technology behind networking and operating systems.

The Honeynet Project grew out of an informal group of computer experts who decided to take an active role in tracking breakins to computers. Existing countermeasures, like firewalls, and frequent patches of discovered firmware bugs, were fundamentally defensive. And did not actively try to understand the capabilities and intentions of the crackers/intruders/blackhats.

This second edition describes what they term Gen 2 Honeynets. These are more sophisticated than Gen 1 networks of honeypots, where a honeypot is a computer expressly deployed for blackhats to intrude upon. The book delves in some length on how to construct a honeypot and a honeynet. Various configurations are possible. A honeypot could mimic a Microsoft computer or a Solaris or linux machine. There is more emphasis on the actual machine being linux, because of the open source nature, which has led to tools like Snort, Ethereal and Sebeb being available. Indeed, Snort-Inline and Sebek were developed by this project.

Lots of craft keyboard sniffing (Sebek) and network sniffing (Ethereal). Plus, variant arrangements like having one computer pretend to be several honeypots are described. Or another, where a honeynet might be physically distant from the production net, but linked to it via a VPN.

All this is scarcely the last word. The blackhats will certainly devour this book to concoct their next generation techniques. You can safely predict an eventual third edition of this book.

Product Details :
Paperback: 800 pages
Publisher: Addison-Wesley Professional; 2 edition (May 27, 2004)
Language: English
ISBN-10: 0321166469
ISBN-13: 978-0321166463
Product Dimensions: 7.1 x 1.5 x 9.2 inches

More Details about Know Your Enemy: Learning about Security Threats 2nd Edition

or

Download Know Your Enemy: Learning about Security Threats 2nd Edition PDF Ebook

Posted by at No comments:
Labels: , ,

Introduction to Computer Security 1st edition, Matt Bishop



The text appears to be detailed and comprehensive. As an introduction to computer security, there were a few assumptions made about the readers. Abbreviations used throughout the text were difficult to decipher. A common practice is to write out the terms with the abbreviations used in parentheses immediately following. I did not find this in the text, requiring me to reread the chapters several times to get a feel for what is being described. This includes statistical nomenclature. Students taking an introductory course may not have had statistics and not understand the symbols presented. For symbols, an appendix should have been included which defines those labels for readers. Otherwise, I have found the examples to bring meaning to the content. It was through the examples that I was able to grasp the intent of each chapter.

This was the textbook for one of my Comp Science grad courses and I didn't really care for it. I think it put way too much emphasis on modeling and theory and none at all on practical implementation. You will not be able to secure a network after reading this book. This book will give you some information on security theory and really would only benefit designers of systems in the 70s-80s or academics, not IT practitioners.

This book has seen better days. The author appears to have cut-and-pasted hundreds of UNIX references into the book "in order to beef it up..." I assume. If you look at the references in the back of the textbook, many of them date from the mid-1980s. For example, his discussion of viruses and worms make NO reference to Code Red (or subsequent worms) but have extensive cut-and-paste data from a 1985 IEEE paper. You get the picture. Most of his other chapters are the same.

This book is as its title implies, an introduction level text on computer security. Its style and occupation of the Author indicate that it is a college level textbook on the subject. As far as giving a foundation level grounding on the subject, it covers all the usual bases and as such is worth the read. It is not a practical guide however.

It covers all the normal subjects you would expect. in good detail and depth. A lot of the examples are about UNIX or Multics. Also it has a lot (and I mean a lot) of theory and its associated math. This does make for rather heavy reading. Some chapters such as Chapter 15, Information flow require more than a little prior knowledge of programming to fully understand.

Unfortunately, I acquired this book during my study for the CISSP Certification, and although many subjects are covered, there are many more books written for the CISSP exam that cover the requirements for the exam and are better suited for that task.

In short, it is a good textbook on Computer Security. Heavy on theory and math and with a lot of examples on UNIX and Multics systems. It is not a practical guide to securing your (mostly Microsoft) Network. For those looking to pass the CISSP exam there are better study guides out there to spend your time with.

While I hail from academic background, this book was too much at times for me. The book does contain some fun and useful information on security theory, which is presented well (no mean feat!). The fans of Bell-LaPadula model and such things will find them in the book.

On the other hand, it is explicitly weak on the practical side. The book seeks to connect theory and practice, but it seems that it did not completely build the connection. Most of the practical things (such as intrusion detection, malware, etc) are much better covered elsewhere. I liked the auditing chapter, however. It does contain a harmonious mix of theory and practice, fused together. Intrusion detection chapter was weaker, and it only covered ancient IDS projects such as DIDS. If you like more formal presentation of it, get Becky Bace's book.

The author states that 'computer security is not just a science, but also an art' (preface). No kidding! It pains me to say so, but practical security nowadays seems much more like an art (and, some say, a 'black art':-)) rather than real science, like physics.

The book is most useful to students of computer security, as a textbook or supporting maters (it does have exercises in the end of each chapter). It might come handy for practitioners as well, if you are into that sort of thing :-)

Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA is a Security Strategist with a major security company. He is an author of the book "Security Warrior" and a contributor to "Know Your Enemy II". In his spare time, he maintains his security portal info-secure.org

I recently finished the book Introduction to Computer Security by Matt Bishop (Addison-Wesley). I hope to be fair on this review, but I'm probably going to be a little harsh...

Chapter list: Preface; An Overview of Computer Security; Access Control Matrix; Foundational Results; Security Policies; Confidentiality Policies; Integrity Policies; Hybrid Policies; Basic Cryptography; Key Management; Cipher Techniques; Authentication; Design Principles; Representing Identity; Access Control Mechanisms; Information Flow; Confinement Problem; Introduction to Assurance; Evaluating Systems; Malicious Logic; Vulnerability Analysis; Auditing; Intrusion Detection; Network Security; System Security; User Security; Program Security; Lattices; The Extended Euclidean Algorithm; Virtual Machines; Bibliography; Index

OK, for the good stuff. This is probably one of the most complete academic treatments of computer security that I've ever seen. According to the preface, this is a "condensed" and updated version of the author's earlier work, Computer Security: Art and Science. His three goals, which are probably met, are to show the importance of theory to practice/practice to theory, to emphasize that computer security and cryptography are different, and to demonstrate that computer security is a science *and* an art. He also considers this book to omit much of the mathematical formalism. And that's where I start to have problems. In my opinion, he missed his target entirely.

Following the statement about omitting the mathematical formalism, we have this statement: "It is suited for computer security professionals, students, and prospective readers who have a less formal mathematical background, or who are not interested in the mathematical formalisms and would only be distracted by them, or for courses with a more practical than theoretical focus." Honestly, I don't know of many computer professionals holding down full-time jobs who would see this as a practical book. There is still a lot of mathematical "formalism" for a practical book, and I didn't finish reading this book thinking that there were a number of things I'll do different now in my job. If I were taking a college level course on computer security theory and structure, it'd probably work. But to give this to your coworker who is studying for a security certification as well as monitoring logs on a system would make him wonder if he did something to offend him...

If you need theory and coursework-style material, this book will give it to you. If you're looking for something that deals with hands-on security stuff you can use in your job tomorrow, I really think you'll be disappointed.

The only people who hate security systems more than the end users who have to put up with a badly designed system are those who want to break into systems that have good security.

Security for computer systems is very real and growing problem. Far beyond the virus that might come on an e-mail, white collar crime is much more expensive than other kinds. A grocery store holdup might net a few hundred dollars, a bank robbery a few thousand, the average white collar crime is in the hundreds of thousands. And the price of information may be worth life itself as in the case of the Enigma codes in World War II.

This book is balanced at at interesting level above the how to and below the highly theoretical. It has some of the theory, and some of the how to. More important, it explains the why and the how, the broad concepts that enable a manager concerned with security, or the new security manager to set up an effective system that is tailored to the risk, the company, the employees, and others who might have some access to their computer system.

I would rate this book at an intermediate level to move the reader higher up the professional scale. Highly recommended.

For those looking for a step-by-step book for securing your Windows XP box, you have come to the wrong place. This is a textbook covering security fundamentals from mathematical concepts, like cyphers and encryption, to the analysis of intrusions, viruses and worms through to policy aspects. About as concrete as it gets in terms of implementation comes in the second to last chapter on securing the internals of a C program.

This book provides an excellent grounding in the fundamentals of security. A must have for anyone studying security, or for those looking for a deeper understanding of IT security fundamentals.

Most books on computer security describe and show how to use cryptography. But often due to lack of space and audience expertise, they often do not give any detailed theory of cryptosystems. There is relatively little maths in such books. In turn, cryptography books fall into roughly two piles. One is highly mathematical and abstract; deliberately independent of any operating system or implementation. The other uses those theorems from the previous type of book, and is more tied to some software package that implements them.

Bishop's book stands differently. The level of the maths and the notation and the rigour with which he describes the cryptosystems would not be out of place in an algorithms book. But it is not all maths. There are chapters on Identity and on Access Control Mechanisms that are traditional sysadmin-type discussions. Veterans of running DEC's VMS machines will see much familiar material. But these discussions are also characterised by a level of analysis uncommonly seen in most sysadmin books. Bishop tries to show how behind such things like Access Control Lists, there is a systematic logic. Other books that might be tied to a given operating system or package might bury you in details, and obscure a general model.

If you have wanted to dig deeper into the subject and have good background in discrete maths, Bishop is worth reading.

Product Details :
Hardcover: 784 pages
Publisher: Addison-Wesley Professional; 1 edition (November 5, 2004)
Language: English
ISBN-10: 0321247442
ISBN-13: 978-0321247445
Product Dimensions: 9.7 x 7.6 x 1.4 inches

More Details about Introduction to Computer Security 1st edition

or

Download Introduction to Computer Security 1st edition PDF Ebook

Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)