Book Reviews

Book review: Data-Driven Security: Analysis, Visualization and Dashboards

Submitted by benrothke
benrothke (2577567) writes "Data-Driven Security: Analysis, Visualization and Dashboards

Author: Jay Jacobs and Bob Rudis

Pages: 352

Publisher: Wiley

Rating: 10/10

Reviewer: Ben Rothke

ISBN: 978-1118793725

Summary: Superb book for effective use of data for information security

There is a not so fine line between data dashboards and other information displays that provide pretty but otherwise useless and unactionable information, and those that provide effective answers to key questions. Data-Driven Security: Analysis, Visualization and Dashboards is all about the latter.

In this extremely valuable book, authors Jay Jacobs and Bob Rudis show you how to find security patterns in your data logs and extract enough information from them to create effective information security countermeasures. By using data correctly and truly understanding what that data means, the authors show how you can achieve much greater levels of security.

The book is meant for a serious reader who is willing to put in the time and effort to learn the programming necessary (mainly in Python and R) to truly understand what information exists deep in the recesses of their logs. As to R, it is a GNU project and a free software programming language and software environment for statistical computing and graphics. The R language is widely used among statisticians and data miners for developing statistical software and for data analysis. For analysis at the level Jacobs and Rudis prescribe, R is a godsend.

The following are the 12 densely packed chapters in the book:

1: The Journey to Data-Driven Security

2: Building Your Analytics Toolbox: A Primer on Using R and Python for Security Analysis

3: Learning the "Hello World" of Security Data Analysis

4: Performing Exploratory Security Data Analysis

5: From Maps to Regression

6: Visualizing Security Data

7: Learning from Security Breaches

8: Breaking Up with Your Relational Database

9: Demystifying Machine Learning

10: Designing Effective Security Dashboards

11: Building Interactive Security Visualizations

12: Moving Toward Data-Driven Security

After completing the book, the reader will know which questions to ask to gain security insights, and how to use that data to ensure the overall security of their data and networks. Getting to that level is not at all a trivial task, even if there are vendors who promise to do it for you.

For many people performing data analysis, the dependable Excel spreadsheet is their basic choice for data manipulation. The book calls the spreadsheet a gateway tool between a text editor and programming. The book notes that spreadsheets work as long as the data is not too large or complex. The book quotes a 2013 report to shareholders from J.P. Morgan in which part of their $6 billion in 2012 losses was attributed to problems with their Excel spreadsheets.

The authors suggest using Excel as a temporary solution for quick one-shot tasks. For those who have repeating analytical tasks or models that are used repeatedly, it's best to move to some type of structured programming language, specifically those the book suggests and for which it provides significant amounts of code examples, all of which are available on the book's companion website.

The goal of all data extraction is to use data analysis to answer real questions. A large part of the book focuses on how to ask the right question. In chapter 1, the authors write that every good data analysis project begins with setting a goal and creating one or more research questions. Without a well-formed question guiding the analysis, you may waste time and energy seeking convenient answers in the data, or worse, you may end up answering a question that nobody was asking in the first place.

The value of the book is that it shows the reader how to focus on the context and purpose of the data analysis by setting the research question appropriately, rather than simply parsing large amounts of data. It's ultimately irrelevant whether you can use Hadoop to process petabytes of data if you don't know what you are looking for.

Visualization is a large part of what this book is about, and in chapter 6 (Visualizing Security Data) the book notes that the most efficient path to human understanding is via the visual sense. It goes on to detail the many advantages data visualization has, and the key to making it work.

As important as visualization is, describing the data is equally important. In chapter 7, the book introduces the VERIS (Vocabulary for Event Recording and Incident Sharing) framework. VERIS is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. VERIS helps organizations collect useful incident-related information and share that information, anonymously and responsibly, with others.

The book shows how you can use dashboards for effective data visualization. But the authors warn that a dashboard is not an art show. They caution that given the graphical nature of dashboards, it's easy to fall into the trap of making them look like pieces of modern or fringe art, when they are far more akin to architectural and industrial diagrams that require more controlled, deliberate and constrained design.

As to dashboards the authors do not like, they consider the Cyber Security Situational Awareness dashboard to be glitzy but not informative. Personally, I thought that dashboard has a lot of good information.

The book uses the definition of a dashboard according to Stephen Few, in that it's a "visual display of the most important information needed to achieve one or more objectives that has been consolidated in a single computer screen so it can be monitored at a glance". The book enables the reader to create dashboards like that.

Data-Driven Security: Analysis, Visualization and Dashboards is a superb book written by two experts who provide significant amounts of valuable information in every chapter. Those who are willing to put the time and effort into the serious amount of work that the book requires will find it a vital resource that will certainly help them achieve much higher levels of security.

Reviewed by Ben Rothke"

Comment: Re:Either Ben or Stapleton is missing something (Score 1) 51

by benrothke (#47250453) Attached to: Book Review: Security Without Obscurity

::: Why do you think we created Triple-DES?

Because 56-bit DES was indeed weak. But aside from an exhaustive key attack, as noted, do you know of any DES flaws? It seems like there are none.

::: Supposedly the NSA made it more difficult to use differential calculus against DES by changing the S-Box permutations but it is still possible.

Let me check that out and see if that is indeed the case.

Book review: Security without Obscurity

Submitted by benrothke
benrothke (2577567) writes "Security without Obscurity: A Guide to Confidentiality, Authentication and Integrity

Author: J.J. Stapleton

Pages: 355

Publisher: Auerbach Publications

Rating: 8/10

Reviewer: Ben Rothke

ISBN: 978-1466592148

Summary: Great guide to enterprise authentication from an expert

Having worked at the same consulting firm and also on a project with author J.J. Stapleton (yes, that was full disclosure), I knew he was a really smart guy. In Security without Obscurity: A Guide to Confidentiality, Authentication and Integrity, Stapleton shows the world how broad his security knowledge is.

When it comes to the world of encryption and cryptography, Stapleton has had his hand in a lot of different cryptographic pies. He has been part of cryptographic accreditation committees for many different standards bodies across the globe.

The author's premise, and the need for the book, is that the traditional information security CIA triad (confidentiality, integrity, availability) has led to a situation where authentication has to a large extent been given short shrift. This is a significant issue, since much of information security is built around the need for strong and effective authentication. Without effective authentication, networks and data are at direct risk of compromise.

The topic itself is not exactly compelling (that is, unless you like to read standards such as ANSI X9.42-2003: Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography, ISO/IEC 9798-1:2010: Information technology — Security techniques — Entity authentication, etc.), so the book is more of a detailed technical reference. Those looking for a highly technical overview, interoperability guidance, and an overall reference will find the book most rewarding.

For those without a general background in the topic, or who are looking for something more along the lines of a CISSP preparation guide, the book may be too deep and technical.

Those who want to know the deep underpinnings of how encryption algorithms work can simply read the RFCs and standards themselves. What the book brings to the table are details about how to effectively implement the standards and algorithms in the enterprise, be it in applications, policies, or the specific procedures needed to meet compliance and standards requirements. And that is where Stapleton's many decades of experience provide significant and inestimable value.

There are many reasons why authentication systems fail, and many times it is due to interoperability issues. Stapleton details how to minimize those faults in order to achieve seamless authentication across multiple technologies and operating systems.

The 7 chapters cover a dense amount of information around the 3 core topics. The book is for the reader with a solid technical background. While it may be listed as an exploratory text, it is not like a For Dummies title.

As per its title, it covers confidentiality, authentication and integrity, in addition to the other fundamental topics of non-repudiation, privacy and key management.

One of the ways Stapleton brings his broad experience to the book is in the many places where he compares different types of cryptosystems, technologies and algorithms. This enables the reader to understand which type of authentication is most appropriate for a specific requirement.

For example, in chapter 7, the book provides a really good comparison and summary of different cryptographic modules, including how they are linked to various standards from NIST, NSA, ANSI and ISO. It does the same for a comparison of cryptographic key strengths against various algorithms.

An interesting observation the book makes when discussing the DES encryption algorithm is that all of the talk of the NSA placing backdoors in it is essentially false. To date, no known flaws have been found against DES, and after being around for over 30 years, the only attack against DES is an exhaustive key attack. This type of attack is where an adversary has to try each of the possible 72 quadrillion keys (2^56 permutations, as the key is 56 bits long) until the right key is discovered.

That means that the backdoor rumors about the NSA shortening the length of the substitution ciphers (AKA S-boxes) were not necessarily about weakening it. Rather, the change was meant to protect DES against specific types of cryptanalytic attacks.

While the book is tactical, the author does bring in one bit of trivia when he writes that ISO, often known as the International Organization for Standardization, does not in truth really stand for that. He notes that the organization clearly states on its web page that because International Organization for Standardization would have different acronyms in different languages (IOS in English, OIN in French for Organisation internationale de normalisation, etc.), its founders decided to give it the short form ISO. ISO is derived from the Greek isos, meaning equal. Whatever the country, whatever the language, the short form of the name is always ISO.

While that is indeed ultimately a trivial issue, I have seen certification exams that ask what that acronym stands for. Perhaps a lot of CISSPs need to have their credentials revoked.

While Stapleton modifies the CIA triad, the book is not that of a security curmudgeon, but rather of a security doyen. For anyone looking for an authoritative text on how to fully implement cross-platform security and authentication across the enterprise, this is a valuable reference to get that job done.

Reviewed by Ben Rothke"

Comment: Re:Very Easy (Score 1) 56

by benrothke (#47098607) Attached to: Book Review: Hacking Point of Sale

I agree with you.

The issue though is that these ‘purpose designed networks’ can, at limited times, be created with a small set of requirements (purposes).

But in large e-commerce settings, with multiple suppliers, inputs, etc., the purpose expands significantly, with complexity that quickly becomes unmanageable; and quickly insecure.

Comment: Re:Torching the house rather than lighting a candl (Score 1) 56

by benrothke (#47098595) Attached to: Book Review: Hacking Point of Sale

Interesting point.

But that is the same admonition that was used when the first ‘Hacking Exposed’ book came out. Which is similar to the argument that terrorists will use strong encryption.

Ultimately, it simply makes it more of an imperative that the white hats read these books.

Full list of the series here:

Book review: Hacking Point of Sale

Submitted by benrothke
benrothke (2577567) writes "Title: Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions

Author: Slava Gomzin

Pages: 312

Publisher: Wiley

Rating: 10/10

Reviewer: Ben Rothke

ISBN: 978-1118810118

Summary: Superb book on POS, PCI and payment security

The only negative thing to say about Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions is its title. A cursory look at it may lead the reader to think this is a book for a script kiddie, when it is in fact a necessary read for anyone involved with payment systems. The book provides a wealth of information that is completely pragmatic and actionable. The problem is, as the book notes in many places, that one is constantly patching a system that is inherently flawed and broken.

Often after a major information security breach, a public official (always in front of cameras and with many serious looking people standing in the wings) will go on TV and say something akin to "we have to make sure this never happens again".

Last year, Target was the major victim. This month, it's eBay. But after hundreds of millions of records breached, it's not that anyone is saying it won't happen again. Rather, it's inevitable it will happen many more times.

There are a number of good books on PCI, but this is the first one that looks at the entire spectrum of credit card processing. Author Slava Gomzin is a security and payments technologist at HP and, as is evident in the book, he lives and breathes payment technology; his expert knowledge is manifest in every chapter. His technical expertise is certain to make the reader much better informed about the myriad issues involved.

The book provides an excellent overview of the workings of payment systems, and Gomzin is not shy about showing how insecure many payment systems are. Its 9 chapters provide a good combination of deep technical and general detail.

The reader comes out with a very good overview of how payment systems work and what their various parts are. For many people, this may be the first time they are made aware of entities such as processors, acquirers and gateways.

An interesting point the book raises is that there are observably fewer breaches in Europe, since they use EMV (also known as chip and PIN) instead of the insecure magnetic-stripe cards used in the US. This leads to a perception that EMV is by default much stronger. But the book notes that EMV was never designed to secure the cardholder data after the point of sale. The recent breaches at Target and Neiman Marcus were such that cardholder data was pilfered after it was in the system.

Another major weakness with EMV is that it doesn't provide added security to web and online transactions. When a customer goes to a site and makes a transaction with an EMV card, it is fundamentally the same as if they had used a magnetic stripe card. What many people also don't realize is that EMV is not some new technology. It's been around for a while. What it did was reduce the amount of fraud for physical card use amongst European merchants. But the unintended consequence was that it simply moved the fraud online, where EMV is powerless.

As noted, the book provides the details and vulnerabilities of every aspect of the life of a payment card, including physical security. In chapter 4, he notes that there are numerous features that are supposed to distinguish a genuine payment card from a counterfeit one. These include the logo, embossed primary account number (PAN), card verification values and ultraviolet (UV) marks. Each one of them has its own set of limits. As for the supposed security of UV marks, these are relatively easily replicated by a regular inkjet printer with UV ink.

In fact, Gomzin writes that all payment cards as they are in use today are insecure by design, due to the fact that the multiple physical security features don't provide adequate protection from theft, and that the sensitive cardholder data is encoded on a magnetic stripe in clear text.

Gomzin has numerous PCI certifications and, with all that, doesn't see PCI as the boon to payment card security that many do. He astutely observes that PCI takes a somewhat myopic approach in which data at rest is all that matters. Given that PCI doesn't require payment software vendors or users to encrypt application configuration data, which is usually stored in plaintext and open to uncontrolled modification, this can allow a payment application to be compromised through misconfiguration.

Even with PCI, Gomzin shows that credit card numbers are rather predictable in that their number space is in truth rather small, even though they may be 15-19 digits in length. This is due to the fact that PCI allows the first 6 and last 4 digits to be exposed in plaintext, so it's only 6 digits that need to be guessed. This enables a relatively easy brute force attack, and even easier if rainbow tables are used.

The Target breach was attributed to memory scraping, and the book notes that, as devastating an attack as memory scraping is, there are no existing reliable security mechanisms that would prevent it.

The appendix includes a POS vulnerability rank calculator which can provide a quick and dirty risk assessment of the POS and associated payments application and hardware. The 20 questions in the calculator can't replace a formal assessment. But the initial results would likely mimic what that formal assessment would enumerate.

So what will it take to fix the mess that POS and payment systems are in now? The book notes that the system has to be completely overhauled for POS security to truly work. Gomzin notes that point-to-point encryption is one of the best ways to do that. What is stopping that are the huge costs involved in redoing the payment infrastructure. But until then, breaches will be daily news.

Hacking Point of Sale is an invaluable resource that is highly relevant to a wide audience, be it those in compliance, information security, development, research or your payment security group. If you are involved with payment systems, this is a necessary book.

When an expert like Slava Gomzin writes, his words should be listened to. He knows that payment breaches are inevitable. But he also shows you how to potentially avoid that tidal wave of inevitability.

Reviewed by Ben Rothke"

Book review: Designing with the Mind in Mind

Submitted by benrothke
benrothke (2577567) writes "Designing with the Mind in Mind, a Simple Guide to Understanding User Interface Design Guidelines

Author: Jeff Johnson

Pages: 240

Publisher: Morgan Kaufmann

Rating: 9/10

Reviewer: Ben Rothke

ISBN: 978-0124079144

Summary: Excellent reference on the integration of user interface design and the mind

Neurologists and brain scientists are in agreement that in truth, we know very little about how the brain works. With that, in the just released second edition of Designing with the Mind in Mind, a Simple Guide to Understanding User Interface Design Guidelines, author Jeff Johnson provides a fascinating introduction to the fundamentals of perceptual and cognitive psychology for effective user interface (UI) design and creation. UI is a facet of human-computer interaction (HCI), which involves the study, planning, design and use of the interaction between people and the computers and devices they are using.

Johnson heads up a consulting firm that specializes in evaluating and designing UI, and brings significant experience to every chapter. He writes that following user-interface design guidelines is not as straightforward as something like following a cooking recipe, even though people often compare the two. Design rules often describe goals rather than actions, as they are purposefully very general to make them broadly applicable. The downside is that their exact meaning and applicability to specific design situations is open to interpretation.

With that, the book provides an exceptional foundation on how to ensure effective usability is successfully implemented. The book spends a long time detailing how users make decisions and choices.

What's really good about the book is that Johnson provides ample details about the topic, but doesn't reduce it to just a set of rules or mind-numbing (and thus unreadable) checklists. His synopsis of the topics provides the reader with a broad understanding of the subject and what they need to do in order to ensure effective UI design is executed.

While the focus in the book is heavily on general and cognitive psychology, the book is written for the reader who is a novice in the area, and stays quite practical, without getting into vague theoretical areas.

The book provides scores of examples of how people relate to an interface, and how to design accordingly. One of many fascinating examples is when the author details the notion of attentional blink. After we see or hear something, either in real life or on a monitor, for a very brief amount of time following the recognition, between .15 and .45 of a second, we are nearly deaf and blind to other visual stimuli, even though our eyes and ears stay functional. Researchers call this attentional blink, and it is thought to be caused by the brain's perceptual and attentional mechanism being briefly fully occupied with processing the first recognition.

What this means for a UI designer is that attentional blink can cause the user to miss information or events if things appear in rapid succession. The book then goes on to describe techniques for creating an effective UI that deals with the effects of attentional blink. And he does this for scores of other similar issues.

Another fascinating example is around visual hierarchy, which lets people focus on the relevant information. The book notes that one of the most important goals in arranging information presentations is to provide a visual hierarchy, an arrangement that breaks the information into distinct sections, labels each section prominently, and presents the sections and subsections as a hierarchy.

The book details the myriad areas which are crucial for an effective interface. Chapters 4 and 5 provide significant detail about the importance of color for effective visual representation.

As the title suggests, the book takes a deep approach to the neuroscience and psychology in UI design. Other chapters include topics on human vision, sound, task, cognition, memory and more.

As to memory, the relevant chapter details issues around the working memory of a user. He gives numerous examples of error boxes and help screens that work and that are epic failures, and how to do it right. The classic example he provides is a 4-step Windows XP wireless error message. If the user were to follow the directions, the instructions would close after step 1.

Each chapter provides numerous implications of proper and improper design, and provides the needed recommendations. While the topics may sound dry, Johnson writes in an engaging and often humorous style.

The book clearly and empirically shows how effective UI design makes all the difference in how users interact with an application or web site. The book will certainly be an important reference for software designers, web designers, web application designers and those interested in HCI and usability.

Designers who can't understand why their users are frustrated will find out why here. For designers who really want to know what is going on in their users' minds, one is hard pressed to find a better reference than this.

As its subtitle, A Simple Guide to Understanding User Interface Design Guidelines, suggests, the book is an invaluable resource for those serious about effective UI design.

Reviewed by Ben Rothke"

Book review: How I Discovered World War II's Greatest Spy and Other Stories of Intelligence and Code

Submitted by benrothke
benrothke (2577567) writes "Title: How I Discovered World War II's Greatest Spy and Other Stories of Intelligence and Code

Author: David Kahn

Pages: 469

Publisher: Auerbach Publications

Rating: 8/10

Reviewer: Ben Rothke

ISBN: 978-1466561991

Summary: Very good collection of a large number of excellent articles from David Kahn

When it comes to documenting the history of cryptography, David Kahn is singularly one of the finest, if not the finest, writers in that domain. For anyone with an interest in the topic, Kahn's works are eagerly anticipated and read in detail.

His first book was written almost 50 years ago: The Codebreakers – The Story of Secret Writing, which was a comprehensive overview of the history of cryptography. Other titles of his include Seizing the Enigma: The Race to Break the German U-Boat Codes, 1939-1943. The Codebreakers was so good and so groundbreaking that some in the US intelligence community wanted the book banned. They did not bear a grudge, as Kahn became an NSA scholar-in-residence in the mid-1990s.

With such a pedigree, many, including myself, were looking forward to his latest book "How I Discovered World War II's Greatest Spy and Other Stories of Intelligence and Code". While the entire book is fascinating, it is somewhat disingenuous, in that there is no new material in it. Many of the articles are decades old, and some go back to the late 1970s. From the book description and cover, one would get the impression that this is an all new work. But it is not until one reads the preface that one learns the book is simply an assemblage of collected articles.

For those that are long-time fans of Kahn, there is nothing new in the book. For those that want a wide-ranging overview of intelligence, espionage and codebreaking, the book does provide that.

The book gets its title from a 2007 article in which Kahn tracked down the man he felt was the greatest spy of World War II. That was none other than Hans-Thilo Schmidt, who sold information about the Enigma cipher machine to the French. That information made its way to Marian Rejewski of Poland, which led to the ability of the Polish military to read many Enigma-enciphered communications.

An interesting question Kahn deals with is the old conspiracy theory that President Franklin Roosevelt and many in his administration knew about the impending attack on Pearl Harbor. He writes that the theory is flawed for numerous reasons. Kahn notes that the attack on Pearl Harbor succeeded because of Japan's total secrecy about the attack. Even the Japanese ambassadors in Washington, D.C., whose messages the US was reading, were never told of the attack.

Chapter 4, from 1984, is particularly interesting; it deals with how the US viewed Germany and Japan in 1941. Kahn writes that part of the reason the US did not anticipate a Japanese attack was due to racist attitudes. The book notes that many Americans viewed the Japanese as a bucktoothed and bespectacled nation.

Chapter 10, Why Germany's Intelligence Failed in World War II, is one of the most interesting chapters in the book. It is from Kahn's 1978 book "Hitler's Spies: German Military Intelligence in World War II".

In the contest of the Allies vs. the Axis, the Allies were far from perfect. Battles at Norway, Arnhem and the Bulge were met with huge losses. But overall, the Allies enjoyed significant success in their intelligence, much of it due to their superiority in verbal intelligence because of their far better code-breaking. Kahn writes that the Germans, in contrast, were glaringly inferior.

Kahn writes that there were five basic factors that led to the failure of the Germans, namely: unjustified arrogance, which caused them to lose touch with reality; aggression, which led to a neglect of intelligence; a power struggle within the officer corps, which made many generals hostile to intelligence; the authority structure of the Nazi state, which gravely impaired its intelligence, and anti-Semitism, which deprived German intelligence of many brains.

The Germans' negative attitude towards intelligence went all the way back to World War I, when in 1914 the German Army was so certain of success that many units left their intelligence officers behind. Jump to 1941, and Hitler invaded Russia with no real intelligence preparation. This arrogance, which broke Germany's contact with reality, also prevented intelligence from seeking to resume that contact.

Other interesting stories in the book include how the US spied on the Vatican in WW2, the great spy capers between the US and Soviets, and more.

For those who want a broad overview of the recent history of cryptography, spying and military intelligence, How I Discovered World War II's Greatest Spy and Other Stories of Intelligence and Code is an enjoyable, albeit somewhat disjointed, summary of the topic.

The best part of the book is its broad scope. With topics from Edward Bell and his Zimmermann Telegram memoranda, cryptology and the origins of spread spectrum, to Nothing Sacred: The Allied Solution of Vatican Codes in World War II and a historical theory of intelligence, the book provides a macro view of the subject. The downside is that this comes at the cost of the 30 chapters being drawn from almost as many different books and articles, over the course of almost 40 years.

For those who are avid readers of David Kahn, of which there are many, this title will not be anything new. For those who have read some of Kahn's other works and are looking for more, How I Discovered World War II's Greatest Spy will be an enjoyable read.

Reviewed by Ben Rothke"

Book review: Threat Modeling: Designing for Security

Submitted by benrothke
benrothke (2577567) writes "Title: Threat Modeling: Designing for Security

Author: Adam Shostack

Pages: 624

Publisher: Wiley

Rating: 10/10

Reviewer: Ben Rothke

ISBN: 978-1118809990

Summary: Invaluable guide to create a formal threat modeling program

Full disclosure: The author of this book and I are friends.

When it comes to measuring and communicating threats, perhaps the most ineffective example in recent memory was the Homeland Security Advisory System; which was a color-coded terrorism threat advisory scale.

The system was rushed into use and its output of colors was not clear or intuitive. What exactly was the difference between levels such as high, guarded and elevated? From a threat perspective, which color was more severe — yellow or orange? Former DHS chairman Janet Napolitano even admitted that the color-coded system presented "little practical information" to the public.

While the DHS has never really provided meaningful threat levels, in Threat Modeling: Designing for Security, author Adam Shostack has done a remarkable job in detailing an approach that is both achievable and functional. More importantly, he details a system where organizations can obtain meaningful and actionable information, rather than vague color charts.

Rather than letting clueless Washington bureaucrats define threats, the book details a formal system in which you can understand and particularize the unique threats your organization faces.

In the introduction, Shostack sums up his approach in four questions:

1. What are you building?

2. What can go wrong with it once it's built?

3. What should you do about those things that can go wrong?

4. Did you do a decent job of analysis?

The remaining 600 densely packed pages provide the formal framework needed to get meaningful answers to those questions. The book sets a structure in which to model threats, be it in software, applications, systems or services, such as cloud computing.

While the term threat modeling may seem overly complex, the book notes that anyone can learn to threat model. Threat modeling is simply using models to find security problems. The book notes that using a model means abstracting away a lot of the details to provide a look at the bigger picture, rather than the specific item, or piece of software code.

An important point the book makes is that there is more than one way to model threats. People often place too much emphasis on the specifics of how to model, rather than focusing on what provides them the most benefit. Ultimately, the best model for your organization is the one that helps you determine what the main threats are. Finally, the point is not just to find the threats; the key is to address them and fix them.

The beauty of the book is that it focuses on gaining empirical data around threats for your organization, rather than simply taking an approach based on Gartner, USA Today or industry best practices.

While the author states a few times that threat modeling is not necessarily a complex endeavor, it nonetheless does take time. He writes that threat modeling requires involvement from many players from different departments in an organization to provide meaningful input. Without broad input, the threat model will be lacking, and the output will be incomplete.

For those organizations that are willing to put the time and effort into threat modeling, the benefits will be remarkable. At the outset, they will have confidence that they understand the threats their organization is facing, likely spend less on hardware and software, and will be better protected.

Chapter 18 quotes programmer Henry Spencer, who observed that "those who do not understand Unix are condemned to reinvent it, poorly". Shostack writes that the same applies to threat modeling. The point he is making is that there are ways to fail at threat modeling. The first is simply not trying. The chapter then goes on to other approaches which can get in the way of an effective threat modeling program.

Why should you threat model for your IT and other technology environments? It should be self-evident from an architecture perspective. When an architect is designing an edifice, they first must understand their environment and requirements. A residence for a couple in Manhattan will be entirely different from the design for a residence for a family in Wyoming. But far too many IT architects take a monolithic approach to threats and that's precisely the point the book is attempting to obviate.

As noted, threat modeling is not overly complex. But even if it were indeed complex, it is far too important not to be done. The message of the book is that organizations need to stop chasing vague threats and industry notions of what threats are, and customize things so they deal with their threats.

For those that still think the topic is complex, the book references Elevation of Privilege (EoP), an easy way to get started threat modeling. EoP is a card game that developers, architects or security teams can play to easily understand the rudiments of threat modeling.

Risk modeling is so important that it must be seen as an essential part of a formal and mature information security program. Having firewalls, IDS, DLP and myriad other infosec appliances can be deceptive in thinking they provide protection. But if they are deployed in an organization that has not defined the threats these devices are expected to address, they only serve the purpose of giving an aura of infosec protection, and not real protection itself.

Amazon has over 800 Disney World guide books. Anyone who is going to invest their time and money to spend a few days at Disney World knows they have to do their research in order to get the most out of their visit.

There are only a handful of books on this topic and Threat Modeling: Designing for Security is perhaps the finest of them. No tourist would be so naïve as to go to Disney World uninformed. And conversely, no one should go into the IT world without adequate threat information.

Threat modeling provides compelling benefits in the ability to make better information security decisions, better focus on often limited resources, all while designing a model to protect against current and future threats.

For those serious about the topic, Threat Modeling: Designing for Security will be one of the most rewarding information security books they could hope for.

Reviewed by Ben Rothke."

+ - Book review: The Art of the Data Center

Submitted by benrothke
benrothke (2577567) writes "The Art of the Data Center: A Look Inside the World's Most Innovative and Compelling Computing Environments

Author: Douglas Alger

Pages: 368

Publisher: Prentice Hall

Rating: 9/10

Reviewer: Ben Rothke

ISBN: 978-1587142963

Summary: Some of the smartest guys in the data center share their build and design advice

At first glance, The Art of the Data Center: A Look Inside the World's Most Innovative and Compelling Computing Environments appears like a standard coffee table book with some great visuals and photos of various data centers throughout the world. Once you get a few pages into the book, you see it is indeed not a light-read coffee table book, but rather an insightful book where some of the brightest minds in the industry share their insights on data center design and construction.

The book takes a holistic view of how world-class data centers are designed and built. Many of the designers were able to start with a greenfield approach without any constraints, while others were limited by physical restrictions.

Some of the firms profiled in the book are Citi, Digital Realty Trust (who run the world's largest data center in Chicago), eBay, Facebook, IBM, Intel and Yahoo!.

One of the interesting things about hearing 18 different viewpoints, from both US- and Europe-based firms, is that it shows there is not just one way to build a data center. Fundamental data center components such as raised floors are reconsidered in some of the data centers in the book. From UPS, to cooling systems and more, Alger details how the nuances of various data centers have influenced their design.

It is an unfortunate reality that many expensive data center builds and expansions fail. The book profiles those that have succeeded, and it is hoped the reader will take the advice to heart in their build and design.

The book is written in an interview style, where Alger asked the designers various questions on how they came to their design, the rationale behind it, what their strategy was, what constraints they ran into, and more.

The book highlights a broad range of data centers, from those built into a century-old church in Spain, a former Swedish underground military bunker renovated into a modern data center with artificial daylight, manmade waterfalls and submarine engines providing standby power, to those powered entirely by solar energy.

Many of the data centers that he showcases are designed in order to be LEED (Leadership in Energy and Environmental Design) and Energy Star certified. LEED is a rating system for the design, construction, operation and maintenance of green buildings, homes and neighborhoods, created by the US Green Building Council (USGBC). It should be noted that as of now, the USGBC hasn't set specific criteria for data center LEED certification.

An important point about LEED made in the book is that for those designers that are thinking about LEED certification, it must be done in the design stage and not as an addendum. Obtaining LEED certification must start at design and end with a formal certification after project completion. It was noted that consulting with a qualified LEED professional or consulting firm at the start of the planning process is a must.

While this is not a coffee table book, it does make good use of photos to highlight the nuances and layouts of the various data centers. There are many pictures that show the various types of equipment in use.

As noted, the book showcases many different aspects and often counterintuitive notions of data center design. One of the most significant is ACT, Inc., a nonprofit that runs the ACT test – a college admissions and placement test taken by more than 1.3 million high school graduates every year – who decided to run their active and backup data centers in Iowa City, Iowa, just 5 miles apart. The book details the designer's rationale behind that. Similar case studies are detailed in the book.

One of the major methods in the book used to reduce power consumption and cost is via the use of virtualization, which many of the data centers have used and optimized.

One topic lacking in the book is that Alger did not ask detailed questions around the physical security of the buildings. While power, UPS, flooring and the like are critical to the efficacy of a data center, physical security components such as mantraps, access control systems, bollards, surveillance and the like are necessary to ensure all of the previous design items are not placed at risk.

One of the questions he asked every designer is if they could go back and design the data center all over again, what, if anything, they would do differently. Surprisingly, every one of them said that they put a lot of planning in and there was nothing major they would change. Most of the designers did say, though, that each data center had small items that could have been revisited to make the center better. But most agreed that many of them are so minor in some respects, that it would not be meaningful to go through them.

An interesting point the data center architect at Syracuse University stated is that one of the things they did in constructing their data center was to not necessarily be driven by rules of thumb or best practices. Rather, they looked at their own requirements and how they could best optimize everything that they could in the design of the facility.

One common metric used throughout the book is power usage effectiveness (PUE). It is a measure of how efficiently a computer data center uses energy; specifically, how much energy is used by the computing equipment, as opposed to cooling and other data center overhead. The lower the number, the closer it is to 1.0, and the more of the facility's power is used for computing.

Poor data center planning leads to poor use of valuable capital, can significantly increase operational expense and obviate any computation gains. Many organizations get overwhelmed on the design and focus far too much on speed and power, without taking a larger holistic view of their data center needs.

For those looking for guidance on how to design a world-class data center, The Art of the Data Center: A Look Inside the World's Most Innovative and Compelling Computing Environments should be the place you start.

Reviewed by Ben Rothke."

Comment: Re:Flash...? (Score 1) 69

by benrothke (#45959903) Attached to: Book Review: The Digital Crown

:::People need to know that some books are not worth buying to save wasting their money.

As to your bike analogy, you mentioned a commercial magazine, where people get paid. I do not get paid to review books.

If I were a professional reviewer, then perhaps I would have more time to review a wider quality range of books.

:::So some may ask "what style of writing does

Thanks for the recommendation. Will try to use it for future reviews.
