With this book, Denning brings to a wider audience the lucid style and insightful analysis that experts in computer security have long appreciated in her work. She has succeeded in her quest to provide a treatment of information security that is accessible and valuable to all who are interested in the subject, no matter how much they already know or how much they need to know.
The book’s scope is use of information in competitive situations, although the emphasis is on information in computers and on such serious conflicts as criminal activity, industrial espionage, and warfare. This broad scope has forced the author to make many difficult choices about inclusion and depth of coverage, but she has made her choices well. Her allocation of only one page to the use of carefully structured queries to make inferences from databases of personal information--a topic on which she has written extensively--is indicative.
The book’s scope must also have presented a challenging organizational problem. While it is far from clear that anyone could have done better, the result here is unsatisfying. Major sections deal with acquiring and protecting information, while subsections treat areas defined by methods of acquisition and defense, arenas of competition, and some topics that are less easily characterized.
Two detailed points merit separate mention. One is that Denning assumes that a system must let at least some individual users have access to a password file--access that at least one system does, and all systems should, restrict to the system’s own programs. The other is that she correctly notes that positions adopted by the United States Department of Defense on the TEMPEST shielding of electromagnetic emanations and on the multilevel security model led to the waste of hundreds of millions of tax dollars. I would add that the department acted in the face of strong and persistent criticism by civilian experts.
While the publisher has served the author well with respect to editing and physical presentation, there are few illustrations; the copious and precise endnotes may leave the curious reader thirsting for explanatory material that could have been incorporated into the notes; and the index is barely adequate.
