0962870048.RVW 990214
"Time Based Security", Winn Schwartau, 1998, 0-672-31341-3,
U$49.99/C$70.95/UK#46.95
%A Schwartau, Winn
%C n/a
%D 1999
%E n/a
%G 0-9628700-4-8
%I Interpact Press
%O U$25.00/C$37.00 813.393.6600 http://www.infowar.com/tbs/
%P 174 p.
%T "Time Based Security, Practical and Provable Methods to
Protect Enterprise and Infrastructure, Networks and Nation"
What is TBS (Time Based Security)? TBS is defined by the author as "a
non-technical examination of the very foundation of the technical realities
of the networked society. It is designed for a wide audience with varying
skill sets, backgrounds and business needs." Unfortunately, the title's use
of "practical and provable methods to protect enterprise and infrastructure,
networks and nation" implies (to me) that the book will cover practical and applicable
solutions to the problems pointed out. Rather than presenting solutions,
the author gives a high level diagnosis of the problem, as well as simple-to-use
equations for determining how it affects your organization.
The first fourteen chapters (each chapter averages 4.5 pages) go into
the description and foundation of TBS. Schwartau calls on well grounded and
practical examples to convey the importance of utilizing a security plan
that utilizes TBS. From the foundation, simple equations are designed to
contrast the importance of Protection, Detection, and Reaction (the key elements
of TBS).
The next few chapters go into various security concepts and how they
apply to a TBS model. Starting with 'Defense in Depth' (Chapter 17), Schwartau
applies practical examples to his TBS equations and shows how to factor in
elements such as multi layered security. Unfortunately, these chapters (especially
'SequentialTime-Based Security' [Chapter 18]), are extremely short and lack
the description needed to adequately convey their importance.
The remaining chapters cover a wider variety of topics and expand past the
TBS model a bit more. Some of these topics are Reaction Channels, TBS Reaction
Matrices & Empowerment, and Using TBS in Protection.
Overview: While TBS presents a great overview of the concepts and effects of
Time based Security, it does not present a grounded practical method for implementing
these ideas into a working network. Technical people reading this book will
no doubt question the book's claims of it being "your handbook for protecting
intangible things of value that have no physical substance." Management and
non-technical people however, should definitely read this book. Schwartau cites
easy to use examples and layman's terms to explain the risks your network suffers.
review by: Brian Martin <jericho@dimensional.com>
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
Received on Fri Apr 16 14:08:37 1999