Computing Reviews
Advances in computers : information security
Zelkowitz M., Academic Press, Inc., Orlando, FL, 2004. Type: Book (9780120121601)
Date Reviewed: Apr 4 2005

Changes in the technology landscape, and new aspects of established technological areas, are the focus of this book. Security is the focus of four of the seven chapters. Academics, practitioners, researchers, and journalists are among the contributors, and subjects addressed range from certification to smart cards and digital forensics, to speech recognition. Except for one chapter, the content is not highly technical, and could be understood by a reader with some technical background. All of the chapters are very well written, and even an expert will find new details and opinions in each of them.

Chapter 1, “Licensing and Certification of Software Professionals,” by D. Bagert, addresses the state of certification for software engineers as a whole. Recently, certification has become a proxy for expertise in employees. This chapter examines existing options for certification, and initiatives for improvement in this area. According to the author, software engineering is a special type of engineering, in need of a special certification body because of the volume of knowledge involved and the diverse backgrounds of the workers. Despite the various definitions of software engineering, some certification and licensing programs already exist, including those of the Canadian Council of Professional Engineers (CCPE) and Professional Engineers Ontario (PEO) in Canada, and the Fundamentals of Engineering (FE) exam in the US. National certification programs exist in the UK and Ireland, and companies provide certification for their tools or internal practices. The author concludes by describing the strengths, weaknesses, and future of existing certification models in software engineering.

The next chapter, “Cognitive Hacking,” by G. Cybenko, A. Giani, and P. Thompson, defines countermeasures for the class of exploits that originates from the changed perceptions of users confronted with fraudulently modified information. Cognitive hacking refers to exploits that draw on human behavior produced by misinformation. A classical example of cognitive hacking is the false announcement of management changes at Emulex that caused a sell-out of the network equipment company’s stock. Cognitive hacking is similar to information warfare. This very informative chapter describes examples of cognitive hacking, and analyzes economic and legal issues connected with this threat. The chapter ends with a useful description of possible countermeasures. Complete with a literature analysis, chapter 2 is the best description of this phenomenon that I have encountered.

Chapter 3 is an introduction to digital forensics, by W. Harrison. The author details the extraction, analysis, and presentation of information obtained from digital media. Relevant evidence can be obtained from various formats of digital media, ranging from email and chat transcripts to files, calendars, dynamic applications, and logs. The process of collecting digital evidence is thoroughly described. Harrison analyzes all stages of the process, from identification and preparation of the evidence, to its collection, preservation, and duplication. The preservation of digital evidence, especially when it is collected from a dynamic application, presents issues not found in other types of evidence. The chapter further describes forensic environments, and provides tidbits of the actual activities of a computer forensic specialist. The chapter ends with a case study and concluding remarks. Chapter 3 will be fascinating reading for anyone interested in security; the technology and practices of digital forensics are described in simple and clear terms that both novice and expert readers will appreciate.

Chapter 4, by C. Cowan, is about survivability, a new area seeking to combine the techniques used in security and reliability in order to design highly resilient systems. It is not easy to combine fault tolerance and security: they are based on different premises, the first assuming that faults are randomized, and the second concentrating on preventing failures before they occur. The approach described in the chapter is based on the observe, orient, design, and act (OODA) strategy. Survivability techniques described include access control and firewalls, quality coding, intrusion prevention, and intrusion tolerance. The chapter concludes with instructions for survivability evaluation.

Chapter 5, by K.M. Shelfer et al., focuses on smart cards. It describes the history of smart cards, provides a technology analysis, and discusses current and potential applications. The authors analyze the rationale for the adoption of smart cards, and provide a comprehensive and easy-to-read review of the technology. The chapter also covers the standards regulating various aspects of smart card functionality, and organizations involved in building these specifications. In order to put the smart card technology in context, a brief description of “adjacent” technologies (magnetic stripes and bar codes) is also provided. The chapter concludes with remarks on smart card security, and an analysis of future research. Even for a technologist familiar with smart cards, the narrative supplies many interesting facts. It is well written, and I am sure readers will find it enjoyable.

Chapter 6, “Shotgun Sequence Assembly,” by M. Pop, addresses the most common method of capturing the DNA sequence of organisms, starting with an overview of the shotgun sequencing technique, and focusing on various issues associated with it. Readers will learn different assembly paradigms, as well as various stages of the assembly process. The chapter is full of useful information for specialists in DNA sequencing, and also provides good background for an interested reader unfamiliar with the field.

The final chapter, by G. Zweig and M. Picheny, analyzes advances in continuous speech recognition on large vocabularies. The chapter starts with a general overview of the current state of the field. After 40 years of research, this is a mature technology, used in a number of commercial applications. Front-end signal processing techniques are described in detail, followed by sections on acoustic modeling. Other sections discuss language model techniques, mentioning finite state grammars, n-grams, and other approaches. Search issues and adaptation techniques are evaluated in the chapter as well. The final section explains the influence of various environments on the performance of speech systems. Chapter 7 is the most technical chapter in the volume, and it is recommended for those with a background in speech recognition.

Volume 60 of the Advances in Computers series is an excellent addition to the library of a computer scientist or practitioner who wants to keep abreast of the latest developments in the field. It is an enjoyable book, with a high educational value, and extensive bibliographies at the end of each chapter for further reading and additional research.

Reviewer:  Claire Vishik Review #: CR131069 (0602-0129)
Reviewer Selected
Access Controls (D.4.6 ... )
Information Flow Controls (D.4.6 ... )
Security and Protection (C.2.0 ... )
Smartcards (C.3 ... )
General (C.2.0 )
Security and Protection (D.4.6 )
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®