IWS - The Information Warfare Site
News Watch Make a donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled

BKWLSCES.RVW 20031018

"Wireless Security Essentials", Russell Dean Vines, 2002, 0-471-20936-8, U$40.00/C$62.50
%A Russell Dean Vines
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%D 2002
%G 0-471-20936-8
%I John Wiley & Sons, Inc.
%O U$40.00/C$62.50 416-236-4433 fax: 416-236-4448
%O http://www.amazon.com/exec/obidos/ASIN/0471209368/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/0471209368/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0471209368/robsladesin03-20
%P 345 p.
%T "Wireless Security Essentials"

The introduction asserts, as a statement on the rapid pace of technological innovation, that wireless security may have changed between the writing and the publication of the book. It may be an interesting comment on security that the book is still relevant and that wireless security is unchanged in the two years since the book's completion. It may also be a measure of the good job that Vines did on his subject.

Part one deals with the foundational aspects of the technology. Chapter one covers computing technology, with a basic but brief look at computer architecture and some network architecture (but mostly protocols). Both wireless LAN and cellular telephone are discussed, but the LAN material predominates. Wireless theory, including radio communication and transmission protocols, is examined in chapter two. The explanations are good: Direct Sequence Spread Spectrum (DSSS) and Frequency Hopping Spread Spectrum (FHSS) are much better than in other related works, although the text could still use some improvement on details such as DSSS chipping and the mapping of bits to the frequency signals. Wireless reality, in chapter three, is an odd mix of the security portions of wireless LAN protocols (except for Bluetooth, which has a number of functions explained in detail), the Infrared Data Association (IrDA), wireless operating systems and devices, and wireless services.

Part two covers security essentials. Chapter four outlines security concepts and methodologies in a well-chosen (with the signal exception of cryptography) but not well-structured list. (Given Vines' participation in "The CISSP Prep Guide" [cf. BKCISPPG.RVW] this is not surprising.) According to chapter five, security technology primarily encompasses cryptographic aspects of wireless LAN protocols. There is a very comprehensive examination of a broad range of attacks against wireless devices (Personal Digital Assistant [PDA] viruses, for example) and transmissions (there is an extremely detailed analysis of WEP weaknesses, backed up by even more details in appendices B and C), as well as recommended countermeasures, in chapter six.

Although not perfect, this book is an extremely useful guide to the security issues surrounding the use of wireless devices. Of the various books reviewed on the topic of wireless LANs and security, it is the best work seen to date.

copyright Robert M. Slade, 2003 BKWLSCES.RVW 20031018