Excerpts from Books
Introduction to Behavioral Biometrics
New Directions in Behavioral Biometrics presents the concept of behavioral biometrics on the basis of some selected features like signature, keystroke dynamics, gait, and voice. This excerpt from the book provides a brief overview of behavioral biometrics.
Risk and Trust Assessment: Schemes for Cloud Services
Both risk and trust have been extensively studied in various contexts for hundreds of years. Risk management, and specifically risk assessment for IT, has also been a hot research topic for several decades. On the other hand, modeling risk and trust for cloud computing has attracted researchers only recently. This chapter from Cloud Computing Security: Foundations and Challenges provides a survey on cloud risk assessments made by various organizations, as well as risk and trust models developed for the cloud.
Benefits Realization Management
Organizations succeed by mastering the management of their strategic changes, with project, program, and portfolio management as the recognized set of processes and tools to manage such changes. However, projects still fail on a large scale. Benefits Realization Management: Strategic Value from Portfolios, Programs, and Projects presents benefits realization management as a set of practices that has been shown to increase project success rates from a strategic perspective. This introduction provides background information that explains this.
Overview of Mobile Apps and Interfaces
This chapter from Mobile Applications Development with Android: Technologies and Algorithms introduces the mobile system; mobile interface and applications in mobile system; optimization in mobile system; mobile embedded system; mobile cloud computing; big data in mobile systems; data security and privacy protection in mobile system; mobile app; and Android.
Introduction to Project Portfolio Management
This chapter from Project Portfolio Management in Theory and Practice: Thirty Case Studies from around the World looks at the definition of PPM and discusses several examples of portfolio value, balance, and strategic alignment. It then examines the effect the absence of PPM has on the organizations, including thinly spread resources, longer time-to-market, and poor quality of final products and services. Finally, it examines two research initiatives and compares them to demonstrate that although PPM has made bold strides in the last ten years, but there is a lot of work to be done.
Preservation and Management of Documents
One of the most important tasks an organization or individual will face when dealing with electronic evidence is the preservation of that data in a way that ensures the integrity and availability of the data. This chapter from Electronically Stored Information, Second Edition looks at all of the aspects of that task and discuss the tools and requirements that you should be considering.
Introduction to Machine Learning
Machine learning is a branch of artificial intelligence that aims at enabling machines to perform their jobs skillfully by using intelligent software. This excerpt from Machine Learning: Algorithms and Applications present an introduction to machine learning including the use of machine learning algorithms and present and future applications.
Introduction to Certificateless Cryptography
In this excerpt from Introduction to Certificateless Cryptography, authors Hu Xiong, Zhen Qin, and Athanasios V. Vasilakos present a brief introduction to symmetric cryptography, discuss the setting of asymmetric public key cryptography, and argue why you should care about certificateless PKC.
Scala Programming Basics
This excerpt from Introduction to Programming and Problem-Solving Using Scala, Second Edition introduces the basics of the Scala programming language.
Storage and Database Management for Big Data
The ability to collect and analyze large amounts of data is a growing problem within enterprise of all types. es faced by big data volume, velocity, and variety. While there has been great progress in the world of database technologies in the past few years, there are still many fundamental considerations that must be made. This chapter from Big Data: Storage, Sharing, and Security aims to address many of the pressing questions faced by people interested in using storage or database technologies to solve their big data problems.
Authentication is the process that deals with the establishment of identities. Claims-based authorization, at its simplest, checks the value of a claim and allows access to a resource based upon that value. A claim is a name-value pair that represents what the subject is, not what the subject can do. Clear as mud, right? Read this chapter from Enterprise Level Security by William R. Simpson for total clarity on claims-based authorization.
The IIA defines operational auditing as "Defining, measuring, evaluating, and improving the economy, efficiency, and performance effectiveness of the organization's operations and constituent activities irrespective of function, purpose, or level within the organizational structure." The chapter from Operational Assessment of IT explains what this means and how to apply it in the context of operational assessment of ICT.
Software Quality Assurance: Defect Management
This chapter from Software Quality Assurance: Integrating Testing, Security, and Audit deals with the conceptual aspects of defect management. There are three parts in this chapter. Part 1 discusses the basic concepts of a defect and why a defect happens. Part 2 introduces the practical methodologies of how to manage the defects. In this section, some sample documents and templates are provided to manage the defect properly. Part 3 discusses and analyzes the root causes of defects and provides recommendations of how to prevent defects in the future.
Introduction to Systematic Strategic Planning
This chapter from Case Studies in Strategic Planning discusses systematic strategic planning (SSP) This is the pattern of procedures by which an organization defines its current status, opportunities, long-term goals, and the strategies for which to achieve them. SSP is based on the principles of PxD (Planning by Design). SSP consists of a framework of phases through which each project passes, a pattern of sections for straightforward planning, and the fundamentals involved in any strategic planning project.
Dissemination and Reporting of Electronically Stored Information
This chapter from the new, second edition of Electronically Stored Information discusses the reasons and the methods for sharing the data we have so carefully acquired, preserved, and managed. There are several reasons and each may engender different approaches or procedures appropriate to the specific needs of those situations. These approaches include the format in which the data are produced, the content, the timing of release, and the actual physical media and process for delivering the electronic information. It also discusses reporting protocols and suggest some ideas to ensure that the reports you create are clear and concise. Finally, it presents tips for participating in depositions or as an expert witness.
Analyzing and Securing Social Networks
This chapter from Analyzing and Securing Social Networks sets the stage to discuss both social media analytics and security. It discusses various applications of social media analytics. Then it considers applying various data mining techniques for social network analysis (SNA), before discussing security and privacy aspects.
5G Overview: Key Technologies
There are some main expectations from the 5G network to present a better telecommunication network. To achieve these goals, the 5G network must have the several characteristics. This chapter from Opportunities in 5G Networks: A Research and Development Perspective, discusses the characteristics and requirements for the coming 5G network.
Developments and Challenges in Location Mining
Identifying the location of social media users would enable, say, law enforcement to determine where the users are if they have committed a crime. On the other hand, we may want to protect the location of innocent users. This excerpt from Analyzing and Securing Social Networks discusses the importance of location mining and provides an overview of the related efforts on this topic. It then discusses the challenges in location mining, as well as aspects of geospatial proximity and friendship.
Operational Assessment of IT: Understanding the Organization
This excerpt from Operational Assessment of IT by Steve Katzman explains why before management can consider committing resources and impeding any business productivity to accomplish any assessment, you must understand the organization. Without this understanding, you will not be recognized as adding value to the organization. You will be considered a cost center, similar to the overhead expense of the building, equipment, etc.
As enterprises have experienced the need to be simultaneously efficient, flexible, responsive, and adaptive, they have transitioned themselves into agile enterprises with small, autonomous teams that work concurrently and reconfigure quickly, and adopt highly decentralized management that recognizes its knowledge base and manages it effectively. This excerpt from Enhancing Enterprise Intelligence: Leveraging ERP, CRM, SCM, PLM, BPM, and BI delves into what it means to be an Agile Enterprise.
Introduction to Change Management
This chapter from Change Management: Manage the Change or It Will Manage You by Frank Voehl and H. James Harrington answers the question, "In a nutshell, what is change management?"
Integrating Changes into Operations: Transition Management
This chapter from Improving Business Performance: A Project Portfolio Management Approach focuses on integrating the changes into the operations of an enterprise.
Lean Primer for IT Professionals
This chapter from The Lean IT Field Guide: A Roadmap for Your Transformation by Michael A. Orzen and Thomas A. Paider provides you with some familiarity on various applications of lean to IT. It's important to have a basic understanding of fundamental concepts and areas of practice in order to stay grounded in principles that really provide lasting results. We often see IT organizations jump from hot new topic to hot new topic, applying a flavor of the month strategy that never sustains itself.
IT Innovation and Ethics
Explaining how ubiquitous computing is rapidly changing our private and professional lives, Ethical IT Innovation: A Value-Based System Design Approach stands at the intersection of computer science, philosophy, and management and integrates theories and frameworks from all three domains. The book explores the latest thinking on computer ethics, including the normative ethical theories currently shaping the debate over the good and bad consequences of technology. This excerpt makes the case as to why IT professionals, managers, and engineers must consider the ethical issues when designing IT systems.
Introduction to Dependable Embedded Software
Embedded Software Development for Safety-Critical Systems discusses the development of safety-critical systems under the following standards: IEC 61508; ISO 26262; EN 50128; and IEC 62304. It details the advantages and disadvantages of many architectural and design practices recommended in the standards, ranging from replication and diversification, through anomaly detection to the so-called "safety bag" systems. Reviewing the use of open-source components in safety-critical systems, the book has evolved from a course text used as a training module on building embedded software for safety-critical devices. This excerpt introduces the concepts of dependable embedded software and the safety culture.
Drones in the City: Toward a Floating Robotic Panopticon?
A social robot is a robot that interacts and communicates with humans or other autonomous physical agents by following social behaviors and rules attached to its role. Just Ordinary Robots: Automation from Love to War provides a socially involved, yet sober, insight into the questions of robotics. Which robot technologies are coming? What are they capable of? Which ethical and regulatory questions will they consequently raise? The authors examine the social significance of the new generation of robots in five areas: home robot, care robot, auto robot, police robot, and military robot. This excerpt discusses Civil Applications of Drones.
Only by understanding the threats and the basics of the tradecraft utilized to facilitate industrial espionage can an organization develop an effective counterespionage program. This chapter from Industrial Espionage: Developing a Counterespionage Program by Daniel J. Benny reviews espionage tradecraft including the intelligence cycle, the categories of intelligence collection, and the methods of collection.
Overview of Cloud Computing Networking
This chapter from Cloud Computing Networking: Theory, Practice, and Development introduces the types of networks and the operating systems that are able to provide network services and manage network devices. It analyzes the functionalities of these operating systems and presents their functionalities through network architecture. Finally, it explains how cloud computing is supported by the operating systems, and discusses the networking process and illustrates how to implement a network system.
Security Countermeasure Selection and Budgeting Tools
This chapter from the second edition of Risk Analysis and Security Countermeasure Selection explains what makes a security countermeasure effective or ineffective, the functions of security countermeasures, infiltration and attack scenarios, attack objectives, criminal offender types, criminal offender countermeasures, how to develop countermeasure effectiveness metrics, and how to develop a Decision Matrix to help decision makers reach consensus on a specific countermeasure when there are many points of view to consider.
Agile Stakeholder Engagement
This chapter from Agile for Project Managers discusses the importance of stakeholder engagement on the agile project. This is an essential practice that ensures a successful product delivery. The chapter concentrates on important concepts such as getting the right stakeholders for the project, cementing stakeholder involvement, and managing the interests of stakeholders.
Provide Leadership Across All Levels
The nature and level of leadership on a program designed and launched to transform the entire business or significant parts of the business are primary determinants of the program being successful by achieving the intended business goals. Given organizational matrices, work complexities, and corporate politics, the program management team personnel rely heavily on their leadership traits to deftly guide issues and manage risks through multiple organizational levels and across functions. As this excerpt from Transforming Business with Program Management explains, leaders can model the behavioral changes needed to embrace the changes the program is driving.
Leveraging Stakeholders to Prepare Your Organization for Change
This excerpt from Stakeholder Engagement: The Game Changer for Program Management focuses first on change management theory to help drive in change management concepts and the importance of change management. It then introduces a simple change management model to incorporate change management activities into your program plans. After learning the foundational elements of change management and reviewing a change management model, the focus shifts to how to implement the change management elements for each of the four stakeholder quadrants.
This excerpt from Securing Systems: Applied Security Architecture and Threat Models discusses deployment models for endpoint anti-malware software.
Operational Models of Corporate Security Intelligence
This excerpt from Corporate Security Intelligence and Strategic Decision Making discusses why it is useful to have a model of intelligence to help guide structures, processes, and the deployment of resources. It then introduces a simple security intelligence model, applicable to any scale of deployment. Finally, it discuss aspects of a common dedicated countercrime model (the National Intelligence Model).
Healthcare Analytics Use in Population Health
Data collection and aggregation provide an opportunity to look for patterns and based on these patterns to make decisions to improve quality and decrease costs. The driver of this change comes from the payment shift from volume to value inherent in the Patient Protection and Affordable Care Act (PPACA). It augments the Health Information Technology for Economic and Clinical Health (HITECH) Act, which requires the implementation of electronic medical records (EMR).
Requirements Generation in ERP Planning
This excerpt from Directing the ERP Implementation: A Best Practice Guide to Avoiding Program Failure Traps While Tuning System Performance discusses the requirements generation process. It defines, in detail, the system functionality as well as the engineered process changes essential for an order of magnitude improvement in operational performance. The attributes of requirements definition include categories such as "mission critical," "essential," and "nice to have," which then establishes the baseline for a traceability matrix that flows through the project phases including design, prototyping, customization, testing, piloting, and delivery.
Introduction to Human-Computer Interaction (HCI)
This excerpt Human-Computer Interaction: Fundamentals and Practice by Gerard Jounghyun Kim introduces HCI as a cross-disciplinary area that deals with the theory, design, implementation, and evaluation of the ways that humans use and interact with computing devices.
Genesis of Personal Communications
This is an excerpt from Mobile Evolution: Insights on Connectivity and Service by Sebastian Thalanany. The book presents insights, interpretations, concepts, and interdependent views--in the landscape of mobile connectivity and service--that emphasize the significance of a harmonious interplay, cooperation, and coalescing of a variety of interdisciplinary domains of science and art. The author explores the forward-looking and enabling capabilities of mobile connectivity and service in the context of long term evolution (LTE) systems and multimedia services, as viewed through a lens of human experience. It provides information and guidelines pertaining to the strategies and technologies associated with the next-generation mobile ecosystem.
Concepts of Database Security
An excerpt from Multilevel Security for Relational Databases. It includes "Database Concepts," "Relational Database Security Concepts," and "Access Control in Relational Databases."
Definition and Evaluation of IT Human Factors
This chapter from Modeling, Evaluating, and Predicting IT Human Resources Performance adopts the "Big Five" theory, widely used in the recruitment and personnel selection process, in order to evaluate human factors of software development team members and to find the connection with individual performance.
Reliability and Availability
The concepts of reliability and availability are talked about, written about, equated with each other, and given star status but, in the main, remain somewhat one-dimensional concepts. In this chapter, and throughout High Availability IT Services, Terry Critchley shows that these concepts, particularly availability, have other dimensions and interpretations as well.
Basics of Security and Cryptography
An excerpt from Practical Cryptography: Algorithms and Implementations Using C++ edited by Saiful Azad and Al-Sakib Khan Pathan. It includes "The Perimeter of Cryptography in Practice" and "Things That Cryptographic Technologies Cannot Do."
Big Data: Architecture and Its Enablement
The concept of big data not a database or data architecture but is more the solutions that leverage any and all data, wherever they come from. In health care, the concepts of big data are enabled only in organizations that focus on data--capture, management, and usage. Health care data is extremely broad, deep, and complex, yet the needs for data access are even greater and ever evolving. To meet such needs, effective data architecture must be intertwined with a formal data governance program. This combination unlocks analytics and begins to leverage big data.
In recent years with constantly updated browser versions, browser security features are becoming more powerful. This chapter from Web Security: A WhiteHat Perspective introduces some major browser security features.
Planning Meetings: The Risk Management Plan
Planning meetings are conducted to ensure the organization has a consistent vision in terms of the project's risk methodology, roles and responsibilities, timing, thresholds, reporting formats, and approaches to tracking. Planning meetings focus on bringing together key stakeholders on risk to determine the risk practices to be pursued and the approach to be used in pursuing them.
Introduction to Customer Relationship Management (CRM) Systems
What is a Customer Relationship Management (CRM) system? Not only is there little agreement on what it really stands for, there is even less agreement on what constitutes a CRM system, how it should be used, the potential of profitability gain, the impact on customer loyalty, the costs involved, the personnel needed, and the training needed for the CRM personnel. CRM system characteristics are not limited to the CRM products and tools that are currently available in the market, and CRM is certainly not a technique or methodology.
Security and Provenance
This chapter from Secure Data Provenance and Inference Control with Semantic Web discusses scalability issues for a secure provenance framework with building a scalable framework is the major goal. Then is discusses aspects of an access control language for provenance. Finally, it discusses graph operations on provenance, using graph structures to represent provenance.
Creating the Requirements Management Plan and Requirements Traceability Matrix
The requirements management plan (RMP) is a document that describes how requirements will be analyzed, documented, and managed throughout the project. It is frequently published in conjunction with the requirements traceability matrix (RTM). Both the RMP and RTM are supposed to be created along with the requirements specifications, and all three documents act as key inputs in the creation of the project plan document. This excerpt from Project Scope Management: A Practical Guide to Requirements for Engineering, Product, Construction, IT and Enterprise Projects discusses creating the RMP and the RTM.
Overarching Topics in Managing the PSTN Transformation
This chapter from Managing the PSTN Transformation: A Blueprint for a Successful Migration to IP-Based Networks provides an overview of major organizational overarching topics, for example, the project structure with roles and responsibilities, the PSTN migration process, as well as a checklist of the main questions and risks that should be considered during the project.
The Smart Grid and Privacy
This chapter from Data Privacy for the Smart Grid discusses the emerging privacy risk and the need for privacy policies, reviews relevant privacy laws, regulations, and standards, and outlines privacy-enhancing technologies and new privacy challenges.
The Lean Leader: A Personal Journey of Transformation
In The Lean Leader, Robert B. Camp uses a compelling novel format to tackle the nuts and bolts of leading a Lean transformation. You'll follow along as the characters face real crises and what seem to be unreasonable deadlines. After reading this book, you'll know how to shed the decision-making tasks that have cluttered their days and delegate those decisions to employees who are closer to the action. You'll also learn how to look over the horizon to define and communicate a new course of action and compel others to follow. Click here to read Chapter 1.
In this chapter from Techniques and Sample Outputs that Drive Business Excellence, H. James Harrington and Chuck Mignosa discuss brainstorming (creative brainstorming), a technique used by a group to quickly generate large lists of ideas, problems, or issues. The emphasis is on quantity of ideas, not quality.
The Digital Divide and the Global Post-2015 Development Debate
In this chapter from Digital Divides: The New Challenges and Opportunities of e-Inclusion, Jeremy Millard provides a global overview to put digital divides into perspective with a view toward the future. He argues that ICTs have a critical role to play in the proposed Sustainable Development Goals (SDGs), which will replace the Millennium Development Goals (MDGs) after they expire in 2015, but that stark digital divides, both between and within countries, could limit their potential effect.
Performance Analysis for Large IaaS Clouds
This is an excerpt, written by Rahul Ghosh, Francesco Longo, and and Kishor S. Trivedi, from Large Scale and Big Data: Processing and Management edited by Sherif Sakr and Mohamed Gaber.
Basic Concepts of Multilevel Database Security
Mandatory access control (MAC) is a method of restricting unauthorized users from accessing objects that contain some sensitive information. An implementation of MAC is multilevel security (MLS), which has been developed mainly for computer and database systems at highly sensitive government organizations such as the intelligence community or the U.S. Department of Defense. This chapter from Multilevel Security for Relational Databases introduces the basic concepts of multilevel database security.
Android Malware Evolution
The evolution of Android malware, while mapping closely to the desktop trends, is often viewed at an accelerated pace. Malware and botnets have had time to grow and trial different methods of infections and potential uses, and the authors of the mobile counterparts are definitely applying these learned lessons. As explained in the chapter from Android Malware and Analysis, there are clear indicators that these are often the same groups working toward extending their list of infected machines to the Android world.
Introducing the Crowd
Crowdsourcing existed long before the term gained popularity and visibility among the masses. They were all practical problems that needed to be solved to create value to the general public or studies that were taken up to prove the power of the crowd. This chapter from Leveraging the Wisdom of the Crowd in Software Testing discusses how this benefits software development.
UTF-8 for PHP and MySQL
Overview of Mobile Platforms
This excerpt from Mobile Social Networking and Computing: A Multidisciplinary Integrated Perspective gives an overview of mobile devices (hardware) and mobile operating systems (software), and discusses MSN development architecture.
Survey of Secure Computing
Secure computing spans a wide spectrum of areas, including protocol-based security issues, denial of service, web and cloud, mobile, database, and social- and multimedia-related security issues, just to name a few. Even as threats present themselves, active mechanisms and good preparation can help to minimize incidents and losses arising from them, but it is also to be noted that security in computing is still a long way from complete. This chapter from Case Studies in Secure Computing: Achievements and Trends presents a survey of common issues in security attacks and defenses in computing through the application of cryptography and the aid of security models for securing systems.
Beyond PCI Compliance
An organization begins a journey when it achieves PCI compliance. It is usually a starting point for a continuing path to information security and assurance. It is very important for the organization to understand the potential challenges and effectively address them after they achieve successful PCI compliance. This excerpt from PCI Compliance: The Definitive Guide briefly discuss the challenges and success factors that the organization must be aware of to maintain compliance and achieve optimum information security for the enterprise.
Maintenance in the Digital World
This excerpt from Buying, Supporting, Maintaining Software and Equipment: An IT Manager's Guide to Controlling the Product Lifecycle deals with contracting for maintenance for both hardware and software purposes in the initial negotiation.
Enterprise architecture is a term that has been broadly defined and used by both academics and practitioners. This excerpt from Enterprise Integration and Information Architecture: A Systems Perspective on Industrial Information Integration provides a clearer understanding of enterprise architecture.
Team Building for a Strategic Initiative
This excerpt from Agile Strategy Management: Techniques for Continuous Alignment and Improvement focuses on getting a strategic initiative off to a good start.
Before You Take Your Next Trip
I don't know if you've ever read Stratfor's guidance on personal security, such as "Taming Chaos with a Personal Plan," but this new book, Personal Security: A Guide for International Travelers, provides a comprehensive approach to personal security and safety when travelling, or even while at home. To support your pre-trip preparations, this chapter, "Before You Go," maps out expert advice and lessons from real life cases to give you insights into basic planning questions.
An Overview of the NoSQL World
Recently, a new generation of low-cost, high-performance database software, aptly named as NoSQL (Not Only SQL), has emerged to challenge the dominance of RDBMS. This excerpt from Large Scale and Big Data: Processing and Management explores NoSQL Key Systems and NoSQL Open Source Projects.
Data classification is the practice of assigning information into predefined groups where each group has a common risk and corresponding security controls. This excerpt from JJ Stapleton's Security without Obscurity: A Guide to Confidentiality, Authentication, and Integrity discusses how information can be organized into categories based on its impact of unauthorized disclosure due to insider or outsider threats. It also discusses the concept of data tagging of other attributes that affect data management.
Anonymity in Network Communication
In todayís interactive network environment, where various types of organizations and indiviudals are eager to monitor and track Internet use, anonymity is one of the most powerful resources available to counterbalance the threat of unknown spectators and to ensure Internet privacy. Find out more in this excerpt from Anonymous Communication Networks: Protecting Privacy on the Web by Kun Peng.
Future Trends in WAN Security
This is an excerpt from Intrusion Detection in Wireless Ad-Hoc Networks edited by Nabendu Chaki and Rituparna Chaki.
What You Need to Know First about Penetration Testing
This is an excerpt from Conducting Network Penetration and Espionage in a Global Environment by by Bruce Middleton.
This is an excerpt from Security for Service Oriented Architectures by Walter Williams.
Security Issues in Machine-to-Machine Communication
This is an excerpt from Security for Multihop Wireless Networks edited by Shafiullah Khan and Jaime Lloret Mauri.
The Hybrid (Frugal) CISO
This excerpt from Kerry Ann Anderson's The Frugal CISO: Using Innovation and Smart Approaches to Maximize Your Security Posture presents theFrugal CISO as a hybrid professional. Frugal CISOs possess a diverse set of qualities and is adaptable in choosing to utilize them depending upon the specific circumstances in which they are operating. Being able to adapt to a variety of environments and circumstances is fundamental to information security that is dynamic and constantly under pressure to securely manage new technical innovations.
Knowledge Management and e-Learning: Putting Theory into Practice
Knowledge management and e-learning have synergistic effects. They both contain elements of leveraging knowledge internally and externally, and both could add to the strategic intelligence of the organization. The combination of these two areas is just starting to evolve, per the evidence of the Knowledge Management & E-Learning journal and the recent book publication of Knowledge Management and E-Learning. Closer attention is warranted in the integration of these fields in order to advance the current state-of-the-art. In this presentation, Jay Liebowitz talks about these areas from a strategic intelligence framework, and will show examples of how you can translate the theory into practice.
SDN/OpenFlow: Concepts and Applications
From the Internet to many data center applications, SDN has found a wide array of useful possibilities. Everyone seems to be talking about SDN and OpenFlow, but what do they really know? Is it the panacea the media proclaims? In this excerpt from Network Innovation through OpenFlow and SDN: Principles and Design, Ashley Gerrity and Fei Hu discuss SDN's many applications, including researching new protocols prior to implementing them in real networks, increasing connectivity in rural environments, making both cloud-based and regular data centers better, and supporting mobile device offloading.
Introduction to Wireless Intrusion Detection Systems
This excerpt from The State of the Art in Intrusion Prevention and Detection categorizes the typical operation of a common WIDS into six sections. These six categories are relevant for any IDS although the focus in the descriptions has concentrated on wireless IDSs. Discussion of the major attributes of each of these categories demonstrates that the choice of IDS characteristics can influence the performance of subsequent stages. Poor choices in the design of lower stages in the WIDS process can impact on the outcome of the entire system, leading to cascading suboptimal performance.
Internet Exploitation: The Web, Your Computer, Your IT System
In this excerpt from Trade Secret Theft, Industrial Espionage, and the China Threat, Carl Roper details vulnerabilities and attacks from hardware, software, and firmware (supply chain security issues) as well as network attacks.
Mobile Medical Devices
This is an excerpt from Chapter 6 of Wi-Fi Enabled Healthcare by Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, and Aaron Earle.
Before You Decide to Outsource
This is an excerpt from Chapter 3 of Managing Risk and Security in Outsourcing IT Services: Onshore, Offshore and the Cloud by Frank Siepmann.
Fundamentals of Complex Networks
This is an excerpt from Evolutionary Dynamics of Complex Communications Networks by Vasileios Karyotis, Eleni Stai, and Symeon Papavassiliou.
Maintaining Professional Certification
This is an excerpt from The Basics of Achieving Professional Certification: Enhancing Your Credentials by Willis H. Thomas.
Using PhoneGap Build
This is an excerpt from PhoneGap Build: Developing Cross Platform Mobile Applications in the Cloud by Bintu Harwani.
Leadership and Mentoring
This is an excerpt from The Four Components of a Fast-Paced Organization: Going Beyond Lean Sigma Tools by Robert Baird.
Creativity Life Cycle Models in Project Management
This is an excerpt from Creative, Efficient, and Effective Project Management by Ralph L. Kliem, PMP.
Forensic Document Expertise
This chapter from Expert Bytes: Computer Expertise in Forensic Documents describes common scenarios in the work of forensic document examiners (FDEs), the objects they examine and the goals of the expertise. To calibrate their intended research projects it is important that computer scientists know and understand what the issues are that FDEs have to solve.
Project Management Tools
"Tools of the trade" enable individuals in any profession to perform their work more effectively, efficiently, and consistently. The project management profession is like most others in its need for specialized tools. In todayís project management environment, the project management office (PMO) can serve its constituency well by providing support and guidance.
Defining Addressing Social Media Security and Privacy Challenges
Addressing information security and privacy within business organizations has provided numerous additional challenges with recently introduced technologies and comparatively new online habits of individuals. It is important when planning to take advantage of those benefits to also know and understand the associated risks, both to privacy and to network and information security.
The Birth of My First Program
From Projects to Programs: A Project Manager's Journey is a story about a project manager growing into a program managerís shoes. This excerpt chronicles his first day as a newly-promoted project manager.
Setting the Foundation of an Enterprise Architecture
This excerpt from Enterprise Architecture and Information Assurance: Developing a Secure Foundation by James A. Scholz looks at ten processes that are by-products of security as the foundation of am enterprise architecture.
The Role of Data Governance in an Organization
Developing an appropriate data strategy that fits the marketplace is one necessary ingredient for business success. Effective data governance reduces uncertainty and helps improve an organizationís performance. An organizationís ability to collect pertinent information and act on signals that others miss provides it a strategic advantage.
Taming the "21st Centuryís Wild West" of Cyberspace
The world faces unprecedented risks across the Internet in what has become known as "The 21st Centuryís Wild West," where attacks on computer systems and networks are generally conducted with the complete anonymity and impunity for those perpetrating these acts. Establishing a robust system of monitoring, controls, and sanctions to ensure that the Internet functions as a trusted and heavily defended environment that fosters cooperation, collaboration, and commerce will have a dramatic effect on the stability, viability, and resilience of our interconnected global economy.
An Ethics for the New (and Old) Surveillance
As the recent revelations about the NSA's Prism and Tempora programs shows, new surveillance technologies and various forms of electronic location monitoring raise important social, political, and cultural questions. This chapter suggests concepts to order the rich variation the topic offers across kinds of tools for collecting personal information and across various contexts regardless of whether they involve national security, work, commerce, family, or friends.
Green Servers and Data Centers
This chapter describes how to green your data centers and servers by choosing green suppliers when you buy in data center services. It explains why you should start now, and discusses planning buildings, power supplies, and servers, storage, and networking.
There has been a wide interest in the secure design and implementation of smart grid systems.38 The SCADA system is on of the most important legacy systems of the smart grid systems. In this excerpt, the authors demonstrate the challenges to secure the current automation systems, such as SCADA systems, with examples.
Wireless Network Security: An Overview
Wherever wireless networks are deployed, security vulnerability will always exist. Security attacks and vulnerabilities can only be mitigated if best practices, as well as correct policies and standards, are used. This chapter discusses some of the important and best practices that can be implemented for improving mobile and wireless security. Wireless security will continue to be a research topic as long as there are ways to attack or obtain unauthorized access to wireless networks.
Extensible Markup Language Document Management
The emergence of novel applications for the next-generation network highlights the need to overtake the traditional "data silo" model. To fit this need, the Open Mobile Appliance (OMA) defined standard reusable common components called enablers. These brought several advantages, including a uniform management of the increasing amount of user-related data. The last was facilitated by the gradual introduction of the Extensible Markup Language (XML) Document Management (XDM) technology.
Why Measure Information Security?
This is an excerpt from PRAGMATIC Security Metrics: Applying Metametrics to Information Security by W. Krag Brotby and Gary Hinson.
What Is Digital Forensics, and What Should You Know About It?
This is an excerpt from Digital Forensics Explained by Greg Gogolin.
HIPAA/HITECH Compliance Overview
This is an excerpt from The Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules by John J. Trinckes, Jr.
Complex Systems Engineering Principles
This is an excerpt from Leadership in Chaordic Organizations by Beverly Gay McCarter and Brian E. White .
Unique Challenges of Virtual Teams and Their Leaders
This is an excerpt from Leading Effective Virtual Teams: Overcoming Time and Distance to Achieve Exceptional Results by Nancy M. Settle-Murphy.
Service-Oriented Network Virtualization for Convergence of Networking and Cloud Computing in Next-Generation Networks
This is an excerpt from Building Next-Generation Converged Networks: Theory and Practice edited by Al-Sakib Khan Pathan, Muhammad Mostafa Monowar, and Zubair Md. Fadlullah.
The BYOD Revolution
Itís not a question of if. Itís not even a question of when. Itís a question of will you be ready? It's not too late. This is an excerpt from Bring Your Own Devices (BYOD) Survival Guide by Jessica Keyes.
Overview of Data Anonymization
This is an excerpt from The Complete Book of Data Anonymization: From Planning to Implementation by Balaji Raghunathan.
Virtualization Overview: Focus on the Business Benefits
According to news.cnet.com, Larry Ellison said, "the computer industry is more fashion-driven than womenís fashion." He was referring to cloud computing, but his comment equally applies to virtualization. Virtualization has a definite business payoff, which we will identify. But virtualization is not the right fix for every problem, and there are many examples of virtualization with little or no business payoff. This is an excerpt from Data Center Storage: Cost-Effective Strategies, Implementation, and Management by Hubbert Smith.
Android and the Secure Enterprise
Like it or not, Android is in the enterprise to stay, insecurities and all. This chapter from Android Security: Attacks and Defenses introduces you to the mobile device landscape and demonstrates why Android security matters. Authors Anmol Misra (Cisco Systems) and Abhishek Dubey (Webroot Software) analyze the evolution of mobile security threats, from basic phones to smartphones, including ones running the Android platform. They then introduce Android history, releases, and marketplaces for Android applications.
Defining Enterprise and Transformation Challenges
This is an excerpt from Enterprise Dynamics Sourcebook edited by Kenneth C. Hoffman, Christopher G. Glazner, William J. Bunting, Leonard A. Wojcik, and Anne Cady.
Fundamental Noise Concepts
This is an excerpt from Physical Principles of Wireless Communications, Second Edition by Victor L. Granatstein.
New Directions of Modern Cryptography
This is an excerpt from New Directions of Modern Cryptography by Cao Zhenfu.
Service-Oriented Network Virtualization for Convergence of Networking and Cloud Computing in Next-Generation Networks
This is an excerpt from Building Next-Generation Converged Networks: Theory and Practice edited by Al-Sakib Khan Pathan, Muhammad Mostafa Monowar, and Zubair Md. Fadlullah.
Communication Middleware for the Internet of Things
This excerpt from The Internet of Things in the Cloud: A Middleware Perspective talks about the extensions and enhancements of the existing technologies in the device and connect layers. If the IoT applications are to be extended from the current insolated Intranet or Extranet environments to the wide area as well as global Internet landscape, some fundamental changes in the networking systems have to be considered in a converged next-generation network (NGN) setting.
Data Warehousing and Business Intelligence: What, Why, How, When, When Not?
This is an excerpt from Open Source Data Warehousing and Business Intelligence by Lakshman Bulusu.
M3 and A5
This is an excerpt from Machine-to-Machine Marketing (M3) via Anonymous Advertising Apps Anywhere Anytime (A5) by Jesus Mena.
This is an excerpt from Cloud Enterprise Architecture by Pethuru Raj.
COSMIC Full Function Points (FFP) and the Worldwide Field Trials Strategy
This is an excerpt from The IFPUG Guide to IT and Software Measurement edited by IFPUG.
Building Security into Software
This is an excerpt from The 7 Qualities of Highly Secure Software by Mano Paul.
Essbase Foundational Hardware and Software Tips and Tricks
This is an excerpt from Developing Essbase Applications: Advanced Techniques for Finance and IT Professionals edited by Cameron Lackpour.