OVERVIEWS:
WHITE PAPERS, CHAPTERS

These are introductions to or overviews of various topics in information technology and especially information security.

 

 

 

Anonymity and Pseudonymity in Cyberspace     HTML     PDF

This scholarly paper was presented at the 1998 Annual Conference of EICAR, the European Institute for Computer Antivirus Research.  The abstract begins as follows:

The growth of the Internet has increased the use of anonymity and pseudonymity in electronic communications. How can Internet users preserve the benefits of privacy while fighting the abuses of a few anonymous and pseudonymous people? In the real world, identity resides in the ways that an individual is recognised and held responsible for her actions; in cyberspace, identity is potentially just a user-ID. Social psychologists have found that anonymity can contribute to deindividuation -- a state of loss of self-awareness, lowered social inhibitions, and increased impulsivity.

Careers in Information Security     HTML       PDF

This paper started as a response to a student who asked me about how to get into security as a profession.

Brief History of Computer Crime       PDF

A mere 51 pages to introduce computer crime from the late 1960s through the early 2000s to students in IS340, IS342, and CJ341 -- and anyone else interested in the subject. This paper became Chapter 2, "History of Computer Crime," in Bosworth, S., M. E. Kabay, and E. Whyne (2009). Computer Security Handbook, 5th Edition, Volume I. New York: Wiley.

Computer Crime, Introduction to     HTML       PDF

An easy overview with examples. Some of this material originally appeared in Chapter 2 of the NCSA Guide to Enterprise Security I published in 1996 with McGraw-Hill.

Crime, Use of Computers in     PDF

An article from Encyclopedia of Information Systems, Volume 1 (2003: Hossein Bidgoli, Ed.) Academic Press (ISBN 0-12-227240-4 Set of 3 volumes). Reprinted for the Norwich MSIA & MJA programs with permission of the publisher.

Computer Security Handbook, 4th Edition.

Bosworth, Sy & M. E. Kabay (2002), eds. Wiley. ISBN 0-471-41258-9. 1184 pp. Index. (5th edition currently under development)

Dreams of Security     HTML        PDF

A discussion of e-voting principles leads to pointers on fundamental principles of security.

Enterprise Security Chapter 1 -- Introduction       HTML       PDF

This file is the original manuscript used in preparing chapter 1 of the textbook NCSA Guide to Enterprise Security, which I published in 1996 with McGraw-Hill. This chapter reviews the history of information security and discusses some fundamental concepts such as the Parkerian Hexad, notions of risk analysis, and Winn Schwartau's framework for discussing information warfare.

Eternity in Cyberspace       HTML       PDF

This paper reviews some of the practical measures to take to ensure that archived digital information will continue to be available despite rapid technological changes in information technology.

Glossary of Computer-Crime Terms       HTML       PDF

A simple list of terms often used in discussing computer crimes.

Handbook of Information Security     PDF

This scanned copy of the front-matter of the 2006 Handbook of Information Security edited by Prof Hossein Bidgoli includes the table of contents and list of contributors.

Handbook of Computer Networks     PDF

This scanned copy of the front-matter of the 2007 Handbook of Computer Networks edited by Prof Hossein Bidgoli includes the table of contents, list of contributors, preface, and Guide.

Industrial Espionage   HTML       PDF

This paper reviews current problems of industrial espionage, including summaries of surveys and studies from US government agencies and a discussion of the Titan Rain espionage case. Updated January 2008.

Information Security Resources for Professional Development      PDF

This paper answers questions from readers, students and educators and provides extensive hyperlinks to information security resources online as well as lists of suggested readings for beginners and more advanced learners.

Information Warfare (1995)     HTML      PDF

This is a chapter from my 1996 textbook, The NCSA Guide to Enterprise Security.  The chapter is dated but still useful as an overview of the issues surrounding the use and targeting of information systems and telecommunications in warfare.

Logical Fallacies: A Beginner's Guide    HTML      PDF

I modified a document circulating on the 'Net that illustrates how propagandists and others use bad reasoning to trick people into making bad decisions.

Mastering a Master's Degree     PDF

Reminiscences about graduate work in 1970-1976 and lessons for new students.

Medical Informatics Security      HTML     PDF

Information assurance in the health-care field has particular problems. This overview discusses some of the issues and possible solutions.

Parkerian Hexad     PPT     PPT in ZIP     PPS     PPS in ZIP

This narrated PowerPoint file (PPT) from the MSIA program introduces the concepts of the Parkerian Hexad -- the six fundamental atomic, non-overlapping attributes of information that we protect in information assurance. The Hexad is replacing the Classic Triad (Confidentiality - Integrity - Availability) as the foundation of IA theory. Also available in PowerPoint Show (PPS) and as WinZIP archives.

Programming for Security (2004)      HTML     PDF

This article reviews some simple principles for avoiding obvious security blunders when designing and writing programs.

Public Key Infrastructure, A Primer on (2004)      HTML     PDF

A brief look at the public key cryptosystem and the infrastructure that allows public keys to be bound with confidence to particular people (or organizations or machines). Particularly helpful for people who are new to PGP or other digital signature systems and who are a bit fuzzy on just why people are refusing to sign their public key through e-mail communications alone.

Using PGP     PPT

This narrated PowerPoint presentation is an extract from a lecture in the MSIA course. It reviews how PGP is used for digital signatures and encryption and also walks through creating a PGP keypair. Once you download and open the file, press function key 5 (F5) to start the narrated show.

Verizon Data Breach Investigations Report (2008)     PDF

Praise for a security report written -- at last! -- by people who know something about statistical methods! A good object lesson for anyone designing and analyzing security data.


 

Copyright © 2007 M. E. Kabay.  All rights reserved.

The opinions expressed in any of the writings on this Web site represent the author’s opinions and do not necessarily represent the opinions or positions of his employers, associates, colleagues, students, relatives, friends, enemies, cats, dog or plants.

Updated 2008-06-20