Book Review:
Special Section on
Computer Security and Privacy

By NANCY ALLISON
Boston Chapter

Security and Privacy for E-Business,
by Anup K. Ghosh

John Wiley & Sons, 2001

Technical, development-oriented content focusing on security and privacy problems and solutions.

Evolution
of Poorly Secured
Software

Designing
for Security

The author's central insight is that we must create secure software from inception: "All too often, we focus on encryption protocols, firewalls, and other point solutions when it comes to security, when in fact we are overlooking the root cause of most security problems: bad software." (page 35) It is not enough to create a vulnerable software program and then attempt to protect it by adding encryption and firewalls. These protections are vulnerable to determined hackers and, more importantly, hackers can do tremendous damage merely by exploiting a software system's poor design. As examples, Ghosh explains denial-of-service and buffer overrun attacks in detail.

The core of the book provides a process for designing secure software that is resistant to attacks. This section is followed by sections spelling out the security weaknesses of e-commerce, mobile code, and mobile e-commerce. A final chapter examines privacy issues.

Clear Examples

Ghosh uses clear examples to illustrate his points. In one case, he shows how a hacker invades an online trading site and transfers funds to himself:

1. The hacker exploits a CGI script to circumvent the firewall and gain shell privileges on the host.
   
   
2. Finding a dBase password in CGI script, the hacker downloads account numbers and passwords.
   
   
3. By installing NetBus, the hacker takes control of a manager's terminal.
   
   
4. Last but not least, our hacker transfers funds into an account under his control.

Bookmaking Comments

As you would expect, the Preface explains the book's organization. However, the organizing logic presented in the Preface is not explicated in each chapter. For example, the Preface explains that Chapter 4 deals mainly with server-side risks and Chapter 5 with client-side risks. Yet, the introduction to Chapter 4 does not mention server-side risks; and the only discussion of client-side risks does not appear in Chapter 5, but in Chapter 4.

Information is harder to find in this book than it should be. Some sections, such as the discussion of buffer overrun attacks, go on for pages without subheads. Subheads serve to highlight major ideas and transitions, so that you can easily see the structure of the material you are mastering. In addition, running headers do not include the chapter number. This means that, when you wish to look up a footnote, which appears at the end of the current chapter, you have to flip through the book hoping to spot the first page of the ensuing chapter, so that you can turn back to the footnotes at the end of the previous chapter. Running heads giving the chapter numbers would make this task easier.

The Index presents most information once, as main entries. However, most information is not presented again as subentries under an organizing topic. For example, the Unix tools that can "wrap" server-side software, such as the chroot() command, CGIWrap, and SBOX, are listed as individual main entries in the Index. But they are not listed as subentries under such main topics as wrapping server-side software (there is no such entry) or Unix systems. In short, excellent content should not be undermined by poor book design and follow-through on detail!

Finally, the book badly needs a glossary, given that its audience is non-technical, yet its content unavoidably contains some techical terms. In addition, a leisurely approach to acronyms results in a gap of many pages between the introduction of some acronyms and their definitions - such as CGI, introduced on page 7 but not defined until p. 121.