IndexIndex

ABMs (automated banking end-to-end considerations, 994 end-point/edge, 343, 344 machines), 794 execution environment, 989, 991, hop-by-hop, 343–344 Abstraction-based intrusion 997–1000 measurement-based, 345 detection, 411 framework, 987–991 stochastic bounds, 345 Abstract job objects, 51 goal of, 985 Advance fee fraud, 385, 479, 483 Abstract Syntax Notation One hardware and network processors, Advanced Communications (ASN.1), 719 1002–1003 Technologies and Services (ACTS) Acceptable use policy (AUP), 483 implementation of components of, project INSIGNIA, 238–239 Acceptance rate, 98 997–1000 Advanced Encryption Standard (AES), Access, 43 node operating system, 991, 992–993, 253, 508, 515 Access control, 43, 68, 70, 345–346 1000–1003 Advanced Intelligent Network authentication services and, 572 security, 994–997 standards, 235 concepts/features supported by, selected applications, 1004–1009 Advanced Research Projects Agency 522–523 self-healing communication network, Network (ARPANET), 110 in database management systems, 1006–1007 Advanced reservation, 121–122 527–530 temporal overlay, 1005–1006 Advanced Technology Attachment desiderata for, 522–523 Active networking encapsulation (ATA), 83 discretionary access control protocol (ANEP), 989, 993–994 Advanced video coding standard, 763 policies, 519 Active Network Node (ANN), 1002 AdventNet OpManager, 726 for Internet-based solutions, 530–536 Active Networks Assigned Numbers Advertising, mobile, 916 leaky-bucket algorithm, 346 Authority, 993 Advertising, online, 948 mandatory access control policies, Active packets, 994–996 Advertising business model, 918 519–521 Active queue management, 337, Adware, 445, 702 in operating systems, 523–527 348, 351 AES (advanced encryption standard), policies, 518–521 Active Server Pages, 7 253, 508, 515 role-based access control policies, 521 Active tag, 920, 978, 983 Affi nity maturation, 1014 traffi c classifi cation, 345–346 Active transport, 1046–1048 Age of Spiritual Machines, The traffi c contracts, 345 using biological molecular motors, (Kurzweil), 827 traffi c regulation, 346 1046–1047 Agile software development, 22 traffi c shaping, 346 using DNA walkers, 1047–1048 AIMD (additive increase, multiplicative Access control list, 496 Activeworx Security Center, 726 decrease) algorithm, 349 Accessibility standards, 774 Active X, 10 Air gap architecture, 567–568 Access management, VPNs and, 495–496 ActiveXperts Network Monitor, 726 Air gap technology, 561, 568 Access methods, 664 Activity monitor, 452 Airlines, 946 Access policing, 335–336, 337, 342, 351 Activity monitoring (behavior-based), Akamai, 771 Access-regulated sources, 335–336 450–451 Akonix Systems, 738 bounding-interval-length-dependent Activity rules, 403 Akyildiz, I.F., 295 model, 336 Actuators, 1027 Alan, R.A., 769 leaky-bucket-regulated sources, 336 Adaptable application, 27–28 Alarms and detectors, 612–614 Access regulation (policing), 340 Adaptable real-time misuse-detection Alchemi, 116 Account fraud, 795 system (ARMD), 411 Alert, 938 Accounting and charging, 116 Adaptation unit (AU), 241 Algorithm-based fault tolerance, Accounting management, 717 Adaptive application, 27 277–278 Account management, 728 COPYRIGHTEDAdaptive differential pulse MATERIALcode Algorithm(s). See also Distributed Accredited Standards Committee X12, modulation (ADPCM), 763 algorithms 863–864 Adaptive enterprise, 127 AIMD, 349 Accuracy, 328 Adaptive Enterprise (HP), 122–123 asynchronous, 287, 288–289, 295, 296 Acknowledgment message (ack), 289 Adaptive network storage architecture congestion-avoiding, 350 Acquirer, 873, 883, 886 (ANSA), 199 cryptographic, 495 Activation, 687 Addiction, to Internet use, 968 data encryption standard, 253 Active application, 986, 988, 990, 1009 Additive increase multiplicative Diffi e-Hellman, 499 Active Badge system, 921 decrease (AIMD), 336 Dijkstra, 213 Active (dynamic) schemes, 273 Address fi ltering, 556, 568 dynamic programming, 303 Active Messages, 86–87 Address resolution protocol, 215, 318 encryption, 506 Active networking, 985–1009 Ad hoc communication, 135 fl ooding, 291 active networking encapsulation Ad hoc network, 466 genetic algorithm for service protocol (ANEP), 989, 993–994 Ad hoc wireless network mode, 578 composition, 1007 analysis of active networks, 1003–1004 Adleman, Leonard, 442, 466, 512 global-state recording, 291, 296 architecture, 991–997 Admission control, 329, 340, 351 leader-election, 286, 287, 291, 296 Atropos, 1005–1006 bandwidth brokers, 343, 344–345 leaky-bucket, 342, 346 background, 987 deterministric bounds, 345 location-independent, 295

1065 1066 INDEX

Algorithm(s) (cont.) host-based, 531–533 Applied probability, 326 maximum-fl ow, 173 .htaccess fi les evaluation, 534 Appropriation, 28 Message Digest, 584 user-based, 533 Arbitrated loop, 213–214, 216, 220–221 pricing, 116 Apache Axis, 66 Arbitrated-loop topology, 208–9 Secure Hash Algorithm 1, 584 Apache Jakarta Tomcat, 66 Arbitrate primitive, 213 self-limiting congestion-avoidance, 336 Apache Lucene, 817 ARB (x), 213 synchronous, 293–294, 296 Apache Web server, 817 Archival server security, 436 Aliases, 135 Apache WSRF, 54 Archived storage/collections, 662, 824 Alice and Bob. See Authentication; APDU (application protocol data Archive image, 811 Cryptography unit), 266 ARIMA (autoregressive integrated Alien Technologies, 976 API. See Applications programming moving average) models, 333 Allman, Eric, 733 interface (API) Arithmetic coding, 275, 763, 764 All-or-nothing rule, 37 Appeal to authority attack, 589 Arithmetic log units, 279 Alternate site, 677–678, 687 Apple Computer Arms, W.Y., 822, 824 Alternative interconnection employee disclosure of company ARPANET, 153, 582, 593, 733, 734, 903 technologies, 94 secrets, 699 Artifi cial immune systems Altruism, 168, 186 iTunes, 158 (ARTIS), 1015 AMANDA, 639 Applets, 259 Ashby, W.R., 1013, 1014 Amazon.com, 806, 818, 845, 851 Application, 753 ASPnews.com, 746 AMD (Advanced Micro Devices), 90, 106 Application communication Assessment, 354 American Express, 873 middleware, 43 Asset-tracking, 979 American Memory, 809, 818, 827 Application cryptogram, 265 Association of Research Libraries, 807 American National Standards Institute Application data, 316–317 Assured pipelines. See Application (ANSI) Application development framework, gateways fi bre-channel specifi cations, 205 1018–1019 Astroturfi ng, 909 storage area networks and, 199 Application failures, 672–673 Asymmetric, 515–516 Americans with Disabilities Act Application gateways, 559 Asymmetric fault, 375, 382 of 1990, 706 Application-layer VPNs, 496 Asymmetric key cryptography, 68, 511 America Online, 733, 928 Application-level framing, 764 Asymptotic availability, 270 AOL News, 934 Application-level gateway, 568 Asynchronous, 970 chat rooms, 736 Application-level multicast, 148, 759, 764 Asynchronous algorithm, 287, 288–289, IM service, 736 Application programming interface 295, 296 merger with Time Warner, 929 (API), 9, 36, 40, 43 computational complexity, 292–293 Anagnostakis, K.G., 177 Application protocol data unit (APDU), Asynchronous collaboration, 16, 18, 30 Analysis, 637 253, 266 Asynchronous communication, 39, 769, Anchored channels, 992 Application server, 7, 8, 747 770, 775 Anderson, J.P., 403 Application service providers (ASPs), molecular communication, 1038 Anderson, R., 626 742–753 in molecular communication Anderson, T., 836 business models, 742–746 network, 1050–1051 Anderson’s penetration matrix, 430 defi ned, 753 textual, 840 AND nodes, 656 determinants of customer ASP choice, Asynchronous model of distributed Andragogy, 832, 833, 834, 840 749–750 computation, 288, 296 Animal identifi cation, 975 feasibility assessment of, 752–753 Asynchronous remote procedure call, 39 Annualized failure rate, 663 infrastructure elements necessary Asynchronous transfer mode (ATM), 85, Annualized rate of occurrence, 657 for, 748 90, 238, 322 Annual loss expectancy, 657 model elements and related vendors, Asynchronous Transfer Mode (ATM) Anomaly detection, 403, 404–409, 417 748–749 network, 47 audit data analysis and mining network components and ASP ATA (Advanced Technology (ADAM), 406–407 confi gurations, 746–748 Attachment), 83 computer immunological approach, one-to-many model, 744, 745–746 AT&T, 756, 928 407–408 risks in, 751–752 AT&T Bell Lab’s UNIX platform, 769 limitation of, 409 taxonomies of, 745–746 AT&T videophones, 29 machine-learning and data-mining vendor-client relationship, 743–745 Atlantic Power and Light, 37 techniques, 405–407 Application service provisioning, 753 ATM. See Asynchronous transfer neural network, 406 Application service provisioning mode (ATM) statistical models, 404–405 grid, 112 ATMs (automated teller machines), 793, Anomaly detectors, 434 Application services, 4 874, 886 Anomaly records, 403 Application sharing, 17 Atomic action, 296 Anonymity, 134–135, 148, 294, 295, 871 Application specifi c integrated circuit Atomicity, 37 Answer to reset, 254 (ASIC), 102, 323, 1002 ATP (adenosine 5’-Triphosphate), Anthill, 1016 Application-specifi c models, 334–335 1038, 1051 Antiforensics, 426 peer-to-peer traffi c, 335 Attacker-side defenses, 460 Antiviral technologies, 449 video, 335 Attacking hosts, 456 Antivirus software, 398, 437, 738, 739 Web traffi c, 334–335 Attack library, 431 AntNet, 1016 Applications programming interface Attack Net (McDermott), 432 ANTS (Active Network Toolkit), 998 (API), 266 Attack signatures, 411–413 Apache Access Control, 531–534 Application testing, 324 Attack trees, 431, 656, 657 host- and user-based interactions, 534 Application user interface, 25 Attiya, H., 286 INDEX 1067

Attribute affi nity matrix, 302 Business requirements of backup Berger codes, 275, 279 At-will employment, 694–695, 707, systems Berkeley Digital Library SunSITE, 817 708, 709 business requirements, 653 Berners-Lee, Tim, 769, 775 Auction, 169, 175–177, 186 comparison of backup methods, “Bernz’s Social Engineering Tips,” 391 Auction models, 953 642–643 Bertillon, Alphonse, 541 Auction pricing, 855 compression decision, 653 Berube v. Fashion Centre Ltd. (1989), 707 Audioconferencing, 16 data types, 639–641 Best Buy, 786 CoMeCo, 23 operating systems, 639 Best-effort traffi c, 340 ITU-T H.323 standard, 29 outsourcing, 646–647 Betarte, G., 261 Audio representations, 763 requirements planning team, 639 B-Frame, 762, 764 Audit data analysis and mining (ADAM), solution options, 643–648 Bicompatibility, in molecular 406–407 Backup fl ight software, 281 communication, 1038 Auditing, 627 Backup tapes, 635 Bidgoli, H., 886 Audit records, 403 Backward/forward explicit congestion Bidirectional authentication, 571 Audit trail, 866, 870, 886 notifi cation, 350 Biham, Eli, 510 Authentication, 43, 68, 71, 437, Backward recovery, 276 Binding element, 65 570–580, 724, 739, 796–798, 866 Bacteria, 621 Biological cells, modifi ed, 1042 credentials, 571–573 Badges, forgery of, 391 Biologically inspired networking, defi ned, 580 Bad-packet fi ltering, 555–556 1012–1020 guidelines, 579 Baird, John Logie, 974 ant colonies, 1015–1017 host authentication, 575–579 Ballistic transistors, 1029 application development framework, of packets, 996 Ban, 896 1018–1019 VPN users, 495 Bandwidth, 80–81, 90, 98, 325, 970 autonomic computing and Web authentication, 573–575 function, 315, 316 networking, 1013–1014 Authentication module, 723 tele-immersion and, 764 cellular systems, 1018–1019 Authentication services, 572 utilization, 317 evolution through natural selection, Authority, and social engineering, Bandwidth brokers, 344–345 1017–1018 386–387 Banerjee, S., 180, 861 future work in, 1019 Authorization, 43, 68, 70, 71–72, 580 Banking, online. See Online banking immune systems, 1014 Autoanaplasis, 1009–1010 Bank of America, 589, 778 middlework framework, 1017–1018 Autograph, 412 Banner, 938 nervous systems, 1013–14 Auto-ID, 983 Bantu’s Presence Platform, 738 network intrusion detection, 1015 Automated banking machines Barbosa, V.C., 286 network routing, 1016–1017 (ABMs), 794 Barcodes, 975 Biological systems, 1038–1041 Automated Clearing House (ACH), 792, Barnes & Noble, 806 active transport-based molecular 798, 875, 882, 886 Barracuda Networks, 735 communications in, 1041 Automated network confi guration, 716 Barron’s online, 937 biological nanomachines in, 1039 Automated teller machines (ATMs), 793, Basic call state model (BCSM), 236 communication processes in, 874, 886 Basic call unrelated state model 1039–1040 Automated toll collection, 975 (BCUSM), 236 molecular communication networks Automatic speaker recognition, 541 BasicCard, 260 in, 1041 Autonomic computing and networking, Basic encoding rules (BER), 719 passive transport-based molecular 1013–1–14 Basic risk formula, 361 communications in, 1040–1041 Autonomic nervous system, Basic Support for Cooperative Work Biometric devices, physical security 1013, 1020 (BSCW), 19 and, 610 Autonomy, 148, 168 Bastion host, 557–558, 568 Biometric reference, 540, 549 Autoregressive moving average (ARMA), Batch processing, 882, 886 Biometrics, 398, 539–550, 572–573, 593, 337, 345 Bates, A.W., 965 796, 797 Autoregressive process, 333 Bathtub curve, 270 computer network security and, Availability, 43, 134, 270, 284, 377, Baxter, W.F., 791 546–547 378–380, 382, 536 Bayesian spam fi lter, 735 data collection, 542 Availability block diagrams, 379 B cells, 1014, 1020 decision, 543–544 Avizienis, Algirdas, 277, 281 BEA Tuxedo, 9 defi ned, 539, 549 Avocation communities, online, 906 Becker, J.U., 174 exception-handling mechanisms, 544 Awareness building blocks, 24 Behrens, S.G., 354 false positives and false negatives, 573 Awareness information, 29–30 Belanger, F., 886 forgeries and, 547 Axon, 1040, 1051 Bell, B.S., 782 fundamental concepts, 539–541 Bell, D., 520 National Physical Lab Tests, 546 Baby Boomers, and travel, 948 Bell, Genevieve, 773 performance testing, 544–545 Back-propagation network, 406 Bellcore standard, 666 privacy and, 548–549 Backup Bellotti, V., 772 Purdue Employees Federal Credit defi ned, 687 Bell Relay Computer, 279 Union example, 548 of storage media, 601 Benford, X., 774 reference storage, 544 storage media requirements, 662 Beowulf-CLASS System, 90, 107 religious objection to, 548–549 using object replication, 679 Beowulf cluster, 81 San Jose State University example, zero-time-windows backup, 189 Beowulf commodity PC cluster, 93 547–548 Backup and recovery system Berentsen, A., 798 signal processing, 543 requirements, 639–648. See also Beresford, A.R., 924 suggested rules for secure use of, 549 1068 INDEX

Biometrics (cont.) Broadband integrated services digital risk (rating) matrix, 656 system description, 541–544 network, 237 threat (attack) trees, 656 technical tests, 545–546 Broadband multimedia services, 238 Business networking sites, 389 transmission, 543 Brocade Communication Systems, Business process analysis, 655 Biometric sensor, 542 Inc., 197 Business Process Execution Bio-Networking Architecture, 1017 Brochureware, 950 Language, 121 Birthday paradox, 585, 593 Brodley, C.E., 405, 406 Business requirements of backup Bisectional bandwidth, 98 Brownout, 629 systems, 650–660 Bishop, M., 423 Bruckman, A., 911 backup guidelines, 652–653 Bit-rate transparency, 105 Brute force attack, 507–508, 509, 584, business continuity management, BitTorrent, 157, 161–162, 170, 770, 771 586, 592, 593 650–651 Black-box testing, 423 Brynjolfsson, E., 771, 772 business continuity planning, Blacklisting, 483 BSCW (Basic Support for Cooperative 651, 654–660, 658–659 Blacklists/blacklisting, 469 Work), 19 data recovery, 653 Blackouts, 602 Buchegger, S., 183 high availability, best practices Blakey v. Cont’l Airlines, Inc. (2000), 705 Buffer management, 342, 348–349 for, 654 Blocker tag, 921 loss priorities, 348 implementing/testing the plan, 660 Block-mode data mechanism, 198 push-out schemes, 348 monitoring/improving the Blocks extensible exchange protocol random early detection (RED), procedures, 660 (BEEP), 415 348–349 risk management, 651–652 Blog/blogging, 389–390, 770, 771, 787, Buffer-to-buffer fl ow control, 214, 223 scope for decisions, 653–654 853, 900, 901, 930–931, 939 Bugtraq mailing list, 424 training and awareness program, employee, 699 Bulk data transfer, 720 659–660 training and, 964, 969 Bulk eraser, 629 Business resilience, 685–686 Bloom, B.S., 965 Bulletin boards, newsgroup, 624 attribute classes of, 686 Blue-laser technology, 968 Bureau of Labor Statistics, 783 object layers related to, 686 Bluetooth, 847 Burstiness, 326, 327, 330, 337, 345 Business source providers (BSPs), 742 -based payment systems, 879 Business Continuity Institute, 650 Business-to-business (B2B) electronic technology, 918, 920 Business continuity management commerce, 860. See also Electronic Blumenthal, U., 723–724 (BCM), 650–651, 660, 673–675, 687 data interchange Bodleian Library of Oxford business impact analysis, 673–674 Buttyan, L., 183 University, 809 disaster recovery planning, 673 Byzantine failure, 269 Boehm’s generic risk taxonomy, 354 loss evaluation, 674 BOINC, 165 modular solutions, 685 Cable News Network (CNN), 934 Bolt, 629 understanding company business, 673 Cache poisoning, 428 Boot sector infectors, 440, 470 Business Continuity Management—Good Caddy, 24 Boot-sector viruses, 446 Practice Guidelines, 673 CAFE (Conditional Access for Europe), Bootstrap entity, 181 Business continuity plan, defi ned, 687 880, 883–884 Borbinha, J.L.B., 818 Business continuity planning (BCP), Cairncross, Francis, 770–771 Border gateway protocol, 502 651, 654–660, 658–659, 660, Call control function, 237 Border router, 556 671–687 Calling tree, 682 Boston Globe, 937 alternate sites strategy, 677–678 Call unrelated switching function, 236 Bots and botnets, 445, 456, 457, 466, backup and recovery, 676–677 Cambridge Multiple Access System 471, 473, 896 business continuity laws/regulations, (CMAS), 584 Bounding-interval-length-dependent 683, 684 CANEs (Composable Active Network model, 336 business continuity management, Elements), 998–999 Bowman, 1001 673–675 CA*net 4, 969 Box-Jenkins method, 333–334 business impact analysis, 655–658 CAN-SPAM, 702, 703 B_Port, 207 business resilience and, 685–686 Capability fi ltering, 463 Brain virus, 440 from disaster recovery to, 672–673 Capacity-planning, 315–325 Brand, 938 downtimes in business services, application categories, 319–320 Brandau virus, 451 672–673 capacity defi ned, 315, 325 Brand certifi cation authority, 880 initiation, 654 information gathering, 316–318 Breach, 637 investment decisions and, 683, 685 network traffi c pattern analysis, Breadth-fi rst numbering, 287 recovery objectives, 658–659 318–20 BRICKS, 827 risk management, 675–675 resources, 316, 324 Bridge certifi cate authority, 71 storage technologies, 678–682 solutions, developing potential, Bridge protocol data units, 318 trade-offs in offsite location 320–324 Bridges, 194 choice, 678 terminology, 315–316 Bridging fi rewalls, 558 training and testing, 682–683 Capsule approach, 987 Briggs, L., 963 Business drivers, 316 Carbon nanotubes, 1026–1027 British Library, 825, 827 Business impact analysis, 423, 654–658, Card, 886 Broadband, 929, 967 671, 673–674, 687 Cardholder certifi cation authority, 881 Broadband-based TV, 967 business process analysis, 655 Carey, L., 963 Broadband call control function, 239 IT infrastructure mapping, 655 Carlson, David, 930 Broadband call unrelated service qualitative risk analysis, 656 Carlson, J., 780 function, 239 quantitative risk analysis, 656–657 Carrier sense multiple access/collision Broadband INAP protocol, 239 risk analysis, 655–656 detection (CSMA/CD) protocol, 99 INDEX 1069

Carrier wave, 255 Checksums, 275 Client/server software architecture, 14 Cascading failures, 375 virtual private networks and, 495 Client/server system architecture, 14 Cash card, 886 Chem eStandards, 867 Client/server tier, 14 Caspi, A., 834 Chemical Industry Data Exchange Client system, 14 Castro, L.N., 1012 (CIDX), 867 Client-vendor relationship, 743–745 Caswell, C., 833 Chen, Y., 833, 834 Closed-circuit television (CCTV), 612 CAVEcomm, 47 Chicago Tribune, The, 928 Closed-loop systems, 873 CCMP (counter-mode/CBC-mac Child pornography, 703 Closed-set test, 545 protocol), 925 Children, and IRC, 894–895 Clothing, and RFID tags, 976 CDMA, 918 Children’s Online Privacy Protection Act Clover architecture, 24 CD-ROM media backup, 645 of 1998 (COPPA), 702–703 Cluster computing, 79–90, 110, Cell-based programming, 1018–1019 Chilling Effects Clearinghouse, 810 117–118 Cell loss priority bit, 348 China Research and Development application development, 87–89 Cell of origin, 921 Environment Over Wide-Area cluster architectures, 80–82 Cellular phone(s) Network, 55–56, 60 cluster defi ned, 80 applications, 786 China Wireless Telecommunications emerging trends, 89–90 distribution to the poor, 969 Standards, 919 hardware components, 82–85 health risks with, 621 Chinese remainder theorem, 253 next-generation, 90 online news/information and, 927 Chip card. See Smart cards software components, 85–87 RFID readers and, 978 Chip-level multiprocessing, 82, 105 Clustering, 192, 195, 1017 tracking and, 982–983 Chip manufacturing, 974 Cluster interconnnect, 83 use, in U.S., 697 Chip-to-Chip SPINet, 103–104 Cluster management tools, 86 Cellular services, security shutdown Chord, 140 Cluster nodes, 82 of, 602 Chowdhury, G., 801, 802, 824 Clusters, 110, 117–118 Censorship, 162 Chowdhury, S., 801, 802, 824 CMOS electronics, 106 Central Bank, 798 CHRISTMA exec, 451 CNET, 388 Centralized conferencing architecture, Chu, Y., 180 CNN, 934 757–758 Chuang, J., 179 COAST (COoperative Application Central nervous system, 1020 CHUM, 185 Systems Toolkit), 25 Central reservation systems, 943 Chunking, 931 CoCoDoc, 23 Cerf, Vinton, 733 Churn, 760, 764 Code disjoint, 278 Certifi cate, 516, 580, 887 CIA triad, 43 Code distance, 274 Certifi cate authority (CA), 43, 69, 849 CinemaNow, 854 Code division multiple access (CDMA), Certifi cates, 514–515, 574 Cipher, 593 878, 925 Certifi cation authorities, 574 Cipher block chaining mode, 510, 653 Code Red, 449 Chain letter/chain mail, 477–478, Ciphertext, 43, 506, 516, 593 Codes of conduct, 482 481–482, 483 Circuit-level gateways and proxies, Code word, 274 classes of, 478 559, 568 Cohen, Bram, 161, 162 with Web bug technology, 445 CISCO Corporation, 579 Cohen, Fred, 356, 440, 441, 449 Challenge handshake authentication CISCO IOS, 459 Colasoft EtherLook, 726 protocol (CHAP), 500, 502 Cisco Systems, 321 Cold failover, 373 Challenge-response authentication, Clarke, Ian, 162 Cold site, 677 515, 585 Clarke, R.E., 657 Cold standby sparing, 273, 281 Chan, S.C., 863 Class A, B, and C fi res, 616, 629 Coliseum system, 764 Chandra, T.D., 295 Classic cost model, 304 Collaboration, social infl uence theory Chandy, K.M., 292, 295 Classifi cation, 407 and, 780 Change control system, 778 Class of service, 224–225 Collaboration awareness, 24 Change detection (integrity checking), Clean agent, 629 Collaboration culture, 772 450, 452 Clearing/clearance, 887 Collaborative Digitization Program, 816 Change trigger approach, Clearinghouse runs, 798 Collaborative e-commerce, 855, 857 to backup, 641 Cleartext, 506 Collaborative fi ltering, 851 Channel, 890, 896, 990, 992, 1010 Clement, M., 174 Collaborative work online Channel reservation, 214 Click, 1001 communities, 907 Channel taking, 895 Client, 131, 148, 896 Collaborative writing, 20 Chanops, 892, 896 Client-based computing, 5–6 Collett, D., 833 Chapman-Kolmogorov equations, 272 Client process, 14 Collision, 584 Charge card, 873, 887 Client/server-based architectures, 166, Colored petri automata, 410–411 Chariot (NetIQ), 350–351 299, 300 COM. See Component object model Charron, F., 406 Client/server computing, 3–15 (COM) Chat, 16, 20, 390, 787. See also Internet disadvantages, 4 Combinatorial models, 271–272 relay chat enabling technologies, 9–13 Combustible, 629 Check, 887 extranet, 13–14 CoMeCo Groupware Service Check card, 887 Internet and intranet, 13 Architecture, 23, 24 CheckFree, 880 peer-to-peer computing compared, 3 Commerce service providers (CSPs), 742 Check guarantee system, 887 practical motivations, 3–4 Commercial solicitations, 703 Checklist testing, 683 software, 3, 4–9 Commit protocols, 304 Check-pointing, 276 structural motivations, 3 Committee of European Postal and Checksumming, 669 Client/server groupware, 18–19, 30 Telephone (CEPT), 322 1070 INDEX

Commodity off-the-shelf (COTS) Compulsory tunneling, 493 Conference-management building hardware, 79, 90 CompuServe, 928 block, 24 Common channel signaling Computational complexity, 292–293 Conference management grouplet network, 235 Computational grid, 112, 164 services, 23 Common condition online Computational grid brokering, 119–120 Confi dentiality, 43, 355, 537, 739 communities, 907 Computational objects, 241 agreements, 701 Common Criteria Evaluation Assurance Computational power grids, 110 e-mail and, 735 Level 4, 561 Computer-assisted learning, 840, 965 medical, 706–707 Common Gateway Interface, 7 Computer banking, 798. See also Online Confi guration data backup, 641 Common gateway interface scripts, 46 banking Confi guration management, 716, 728 Common information model (CIM), 202 Computer conferencing, 768–775, Congestion-avoidance algorithm, 350 Common Internet fi le system (CIFS), 831–832 Congestion control, 349–350 202, 233 collaborative computing, 769 predictive congestion avoidance, 350 Common management information designing with users in mind, reactive, 349–350 protocol (CMIP), 714, 728 773–774 Congestion-dependent fl ows, 336 Common object policy service protocol, disabled users and, 774 Connection allegiance, 232 240–241, 728 evolution of, 771 Conrad, D., 839 Common Object Request Broker implementation challenges, 772–773 Consensus recovery block, 277 Architecture (CORBA), 10, 37–38, interactive digital networks, 769–770 Consequence, 416 43, 58, 63, 235, 239–240, multidisciplinary design teams Conservative time optimization, 120 239–241, 248 for, 771–772 Consistency, 387 Common services, 225 open source, 773 Consolidator model payment Commons problem, 29 protocols, 768 system, 872 Common vulnerabilities and exposures security and privacy threats, 774 Constitutional rights of employees, (CVEs), 424, 587–588 synchronous, distributed, 26 respecting, 707 Communication. See also Molecular technology evolution, 770 Constructware, 745 communication workplace transformation, 770–771 Consumer-generated media, 952 clusters and, 86 Computer crime, 441 Consumer online communities, 906 nanoscale communication Computer Emergency Response Team Contactless protocols, 255–256 devices, 1029 (CERT), 358, 424, 590, 593, Contactless smart cards, 252 satellite communication, 1026–1027 632, 637 Containment, 372, 382, 635, 637 security breaches and, 634 Computer Emergency Response Team/ Content distribution network, 759, 764 telework and, 779–780 Coordination Center, 632 CONTENTdm, 813 Communication Authorization Computer forensics, 692, 704, 706, 709 Content management system, 970 Service, 71 Computer Fraud and Abuse Act Contingency, 373, 382 Communication/collaboration building of 1984, 702, 896 Continuous data protection, 676 block, 24 Computer hacking/cracking, 702, 703 Continuous replenishment process, 861 Communication model, 715 Computer immunological Continuous time, 272 Communications interception, 784 approach, 407 Continuous-time Markov model, 272 Community bulletin board site Computer-mediated communications, Continuous time-source models, model, 937 894, 964, 970 331–333 Community Name, 719 Computer Network Technology fractional Brownian motion, 333 Compact disk, 665 Corporation, 198 Markov modulated Poisson Comparison score, 550 Computer security audit, 627 process, 332 Compatible time-sharing system, Computer security incident response simple on/off model, 332 582, 593 teams (CSIRTs), 632–637 stochastic fl uid model, 332–333 Competing dependent risks, 367 after the attack, 636–637 traditional Poisson process, 331–332 Complementary assets, 856 during the attack, 635–636 Contracts Complementary Metal Oxide decision to prosecute, 634 defi ned, 709 Semiconductor (CMOS), 94, 1030 justifying, 632–633 respecting, 707–708 Complex networks, computing on, 295 organizing, 633 Controlled-load service, 318, 344 COM+, 10 technology base, 634 Controlling the Assault of Non-Solicited Component, 14 Computer Security Institute, 397, 632 Pornography and Marketing Act of Component-based middleware, 10–11 Computer-supported collaborative 2003 (CAN-SPAM), 701, 703 common object request broker argumentation system Convergence, 928–930, 938 architecture (CORBA), 10 (CSCA), 839 Conversation, 833 component object model (COM), 10 Computer Supported Cooperative Work Conversational theory of education, 835 Enterprise Java Beans, 10 (CSCW), 25, 30 Cookies, 445 Web services, 10–11 Computer support for collaborative Cooperative processing. See Client/ Component database, 309 learning (CSCL) systems, 839 server computing Component environment, 14 Computer-to-computer calls, 20 CooPS groupware architecture, 24, 25 Component model, 14 Computer-to-phone calls, 20 Coordinated attacks, 422 Component object model (COM), 10, 37 Computing element, 52 Coordinated strategy, 381 Compound risks, 370 Concern communities, online, 907 Coordination building block, 24 Compressing data in backup, 653 Concurrency, 24 Coordination grouplet services, 23 Compromised computers Concurrent backup, 654 Copland v. United Kingdom (2007), 698 (zombies), 457 Conditional entrophy, 408 Copyright, 691, 697, 699, 703–704, 710 Compromising emissions, 625–626, 629 Condor, 74 digital libraries and, 810 INDEX 1071

fair use exception, 703, 710 Customer brand loyalty, 907, 908 metadata-related functions, 308 infringement, 910 Customer Information Control System replica management, 308 Copyrighted material, downloading, (CICS), 9 Data Interchange Standards Association 703–704 Customer list, 682 (DISA), 864, 867 CORBA. See Common Object Request Customer proprietary network Data-link-layer VPNs, 496 Broker Architecture (CORBA) information, 924 Data mining framework Corcoran, David, 257 Customer relationship management for attack models, 411–412 Core, Richard, 935 (CRM), 745, 947, 949 Data mirroring, 687 Core grid middleware layer, 113 Customers’ personal data, Data Protection Directive (EU), 693 Core Wars programming contests, 440 protecting, 702 Data protection laws, 692–696 Correctness proofs, 295 Customized application for the mobile Data recovery/restoring, 652, 653 Correspondence education, 840 network enhanced logic Data replication service, 73 Cost-benefi t analysis (CBA), 423 (CAMEL), 237 Data salvaging, 653 Cost optimization, 119 Cut-through channels, 992 Data security, 751 Cost sharing, 132–133 Cyberattack, 623 Data services, 4–5 Cost-time optimization, 119–120 Cybercrime, 733 Data sink (“data store”), 319 COTS (Commodity Off-The-Shelf), 79, 90 Cyberdefense, 596 Data source, 319 Counter-mode/CBC-mac protocol Cyber-entities, 1017 Data storage, 598. See also Storage area (CCMP), 925 Cyberguide, 921 networks (SANs) Coupled simulations, 58 Cybernetics, 4, 835 Data transfer rate, 669 Courcoubetis, C., 172 Cybersecurity, 596 Data Vortex, 100–102, 106 Coverage, 270 Cyberspace History List-Server, 582 Davies, Roy, 886 CPay, 171 Cyberstalking, 894 Dead links, 826 Crack, cracking, 593 Cyber threat, 596 Dean, D., 408 Crackers, 384–385, 386, 393, 592 Cyclical redundancy check (CRC), 211, Dean, Howard, 930 Crash failure, 269 318, 669 “Death of Distance, The,” 771 Crawlers, 473 Debit card, 887 “Create Change” campaign, 807 Daemen, Joan, 508 Debit-card based electronic Creative Commons, 810 Daemon (IRC daemon/IRCD), 889, 896 payment, 874 Credential management, 70 Daemons, 448 DeBonis, L., 806 Credentials, 76, 530, 536, 537, DAISGR, 308 Debugger tools, 87, 88 571–573, 580 Daniels v. Worldcom Corp. (1998), 705 DEC, 769 authentication services, 572 Data. See also Database management Decentralized conferencing biometrics, 572–573 systems, access control and; architecture, 758 Credit card, 388, 887 Storage media requirements Decentralized object location and Credit-card-based electronic payment, compression, 648 routing (DOLR), 164 872–874, 880–882 compromise of, 428 Decision, 543–544, 550 Credit card company, 887 confi dentiality, 68 Decision error tradeoff curve, 545 Cretu, G., 412 continuous protection of, 676 Decoding, 274, 1037 Crime prevention through encryption standard, 495, 508, 516 Decoherence, 1029 environmental design (CPTED), 612 fi les, restoration of, 636 Decoy attacks, 422 Critical discourse, 834, 835, 837, 839, 840 forwarding, 182–183 Decryption, 516 Critical functions list, 682 growth rate of, 663 Defensive cooperative overlay mesh Critical mass problem, 28 inspection, 556 (DefCOM), 464 Crossbow Technology, 981 integrity, 68, 537, 663, 866 Degaussers, 400, 600, 629 Crossover, 1017, 1020 localization, 303 Degrading attacks, 459 Crossroads Systems, Inc., 197 management, 72–73 De Laat, M., 836 CROWN Grid, 55–56, 60 transfer rate, 663 Delay characteristic, of molecular CRUMPET, 952 virtualization of, 120 communication, 1038 Cryptanalysis, 516 Data backup and recovery system Delayed debit card, 887 Crypt function, 585 requirements. See Backup and Delegation, 70 Cryptocards, 497 recovery system requirements Delgado, J.C.M., 818 Cryptographic key, 574 Database management systems, access Delivery-risk factors, 114 Cryptography, 505–516, 516, 784, 870 control and, 527–530 Delphi study, 369 application cryptogram, 265 access control enforcement, 528 Delphi technique, 656, 733 digital signatures, 514–515 administration, 528–529 Demilitarized zone (DMZ), 491, 559, public-key, 511–514 SQL security features, 527–530 564–565, 568, 739 quantum cryptography, 1025 views and invoked routines, 529–530 Dendrimer, 1022, 1029, 1032 symmetric-key, 506–511 Databases, RFID, 978 Denial of service, 428, 454–466, 469, virtual private networks and, 495 Data centers, 110 483, 635 Cryptosystem, 516 Data center services, 748 bad-packet fi ltering and, 555 CSI/FBI Computer Crime and Security Data classifi cation policy, 397 daemon programs, 416–417 Survey, 394 Data exchange, middleware and, 33 DDOS defenses on Internet, 459–464 CTS (clear-to-send), 466 Datagrids, 112, 120, 307–309 defenses using overlay networks, 464 Cults, 909 database access, 308–309 defi ned, 466 Cumming, N., 612 data transfer, 308 distributed denial of service (DDoS), Cunha, M.B., 802 general grid data management 425, 427 CU-SeeMe system, 756 techniques, 307–308 Internet relay chat and, 896 1072 INDEX

Denial of service (cont.) copyright and, 810 Discard eligibility bit, 348 overview, 454–457 defi ned, 801, 827 DISCIPLE (DIstributed System RFID and, 983 digitization of materials for, 811–813 for Collaborative Information success of, 457 electronic journals (e-journals), Processing and LEarning), 25–26 taxonomy of, 458–459 807–808 Disclaimer, 695, 708, 710 wireless network defenses, 464–465 electronic theses and dissertations, Discover, 873 Denning, D.E., 384, 403 808–809 Discovery, 637 Dense wavelength division multiplexing future of, 826–827 Discrete approach, 986 (DWDM), 202 image-oriented, 802–803 Discrete cosine transform, 762, 765 Department of Defense, 976 indexing and retrieval in, 816–818 Discrete time, 272 Advanced Research Projects Agency manuscripts and ephemera, 809 Discrete-time source models (DARPA), 986 material selection for, 810–811 Box-Jenkins method, 333–334 Department of Labor, 783 metadata and, 815–816 time series, 333 Dependability, 269–270, 284 multimedia, audio, and video, 809 Discrete wavelet transform (DWT), 331 Derived horizontal fragmentation, 301 networking and, 818–821 Discretionary access control DES (data encryption standard), 516 newspaper collections, 808 policies, 519 DES algorithm, 253 preservation and, 823–826 Discrimination, 694, 705–706 Design patterns from biology, 1018 security and, 821–823 and enforcement of e-mail/Internet Desktop computer backup and recovery software for, 813–815 use policy, 700 requirements, 645, 677 Digital Libraries (Arms), 822, 824 telework and, 786 Desktop exercise, 637 Digital Library eXtension Service, 816 Discussion forum, 16 Desktop workstation security, 436 Digital Library Federation, 801 Disintermediation, 854, 857 Destination management system, 949 Digital Library Toolkit, 815 Disk-based storage, 644 Destination-marketing Digital Millennium Copyright Act of Disk striping, 282 organizations, 947 1998, 587, 703, 810 Disk-to-disk backup, 680 Detection, 372, 382 Digital object identifi er, 826 Disk volume, 669 Detection points, 236 Digital phone. See VoIP (voice over Disruptive attacks, 459 Detectors and alarms, 612–614 Internet protocol) Dissertations, electronic, 808–809 Device confi guration, 716 Digital preservation, 827 Distance learning, 831, 832 Dewan, P., 22, 23 Digital rights management, 515, 816, defi ned, 840 Dewey, J., 963 827, 853 discussion, 837–840 DeYoung, R., 793 Digital security cameras, 612 Garrison and community of inquiry, DHCP Client, 33 Digital signatures, 514–515, 516, 574, 784 834–835 Dialogue, 833 certifi cates, 514–515 Gunawardena et al. and meaning Di Caro, G., 1019 Digital stream, 322 making, 836 Dick, Steven J., 928 Digital versatile disk (DVD), 665 Holmberg and guided didactic Dick, W., 963 Digitization, 827 conversation, 832–833 Dictionary attack, 509, 570–571, 584, DigiTool, 814 Laurillard and conversational 585, 593 Dijkstra algorithm, 213 framework, 835–836 Differencing, 333–334 Dilger, M., 423 mediated interaction in, 832–837 Differential backup, 643, 648, 679 DIMM (dual in-line memory module), Moore and dialogue, 833–834 Differential cryptanalysis, 510 82, 90 Murphy and solving problems Differential power analysis, 252 Direct access fi le system, 198 in collaborative environments, Differentiated admission control Direct attached storage, 652, 680 836–837

protocol (DACp2p), 178 Direct client connection, 891, 896 videoconferencing and, 755 Differentiated services (Diffserv), Direct deposit, 798, 874–875 Distinct Network Monitor, 726 344, 351 Directed acyclic graph (DAG), 999 Distributed algorithms, 286–296 Differentiated services approach, to Direct harvest attack, 483 applications, 295 QoS, 502 Direct model payment system, 872 asynchronous building block, 289 Differentiated services codepoint Directories, 771 asynchronous model, 288 (DSCP), 319 Direct payment, 799 computational complexity, 292–293 Diffi e, Whitfi eld, 511 Direct-sequence spread spectrum computing on anonymous Diffi e-Hellman (D-H), 499, 511–512, 516 (DSSS), 925 systems, 294 “Diff” program, 902 Disability/disabled persons consensus problems, 294–295 Digest, 68–69 computer conferencing and, 774 correctness proofs, 295 Digest authentication, 573 defi ned, 710, 775 distributed computations for resource Digg, 827 emergency egress and, 614 sharing example, 291–292 DigiCash, 883 of employees, 706–707 events and global states, 289–290 Digital Book Index, 805 DISA (Data Interchange Standards global-state recording, 291 Digital certifi cate, 536, 739 Association), 867 leader election, 291 Digital collections, 801 Disaster, 687 lower bounds and impossibility Digital Collections Registry, 801 Disaster preparedness, 620–621. See also results, 294 Digital diode technology, 561 Facilities, physical security for quintessential asynchronous Digital divide, 781, 962 Disaster recovery, 671, 678, 687 algorithm, 288–289 Digital libraries, 801–828 planning, 628 self-stabilization, 294 book-oriented, 803–807 storage area networks and, 226–228 synchronizers, 293–294 constructing, 809–821 Disaster Recovery Institute synchronous model, 287–288 continuity of, 826 International, 683 topological awareness, 294 INDEX 1073

unifying theory, 295 Distributed-services model, 215 Earliest due date/earliest deadline fi rst vector clocks, 290 Distributed shared-memory discipline, 348 Distributed application logic, 5 systems, 87 EarlyBird, 412 Distributed broadband intelligent Distributed storage, 118–119 Early Motion Pictures of the American networks, 238–239 examples of, 118 Memory collection, 809 in era of network and service P2P applications for, 162–164 Earthquake preparedness, 620 convergence, 244–245 Distributed transaction processing EAS (electronic article surveillance), reference architecture for, 242 (DTP) protocol, 9 974, 980, 984 Distributed Component Object Model Distribution, 24 Eavesdropping, 390–391, 469, 572, 871, (DCOM), 43, 239 DLXS, 814 982 Distributed Computing Environment DNA (deoxyribonucleic acid), RFID and, 982–983 (DCE), 9–10, 58 1034, 1036 eBay, 855, 882–883, 968 Distributed database systems, 298–309 Document shredding, 392 Ebsco, 807 architectures, 298, 299–301 Document type defi nitions, 65 EBSI (Enhanced Backup Solutions and centralized DBMSs Domain agent, 184 Initiative), 680 compared, 298 Domain fi ltering, 556, 569 E-business, 672 client/server-based architectures, 299 Domain hijacking, 428, 795 e-business on-demand (IBM), 124 datagrids, 307–309 Domain-independent metadata, 308 ebXML (electronic business XML), 867 design, 298, 301–302 Domain-level mining, 407 ECheck, 885 distributed query processing, 298, Domain name services (DNS), 716 E-commerce. See Electronic commerce 302–304 Domain name system blacklist, 469 Economic Espionage Act of 1996, 700 interoperability, 298, 305–307 Domain name system (DNS), 154 Economides, Nicholas, 771 multidatabases, 300 Domain name system query, 318 Edgar P. Benjamin Healthcare Center peer-to-peer-based architectures, 300 Domain-related metadata, 308 (1996), 708 reliability, 298, 304–305 Dome resonator, 1028 Edge network, 381 typology of failures in, 304 Domino effect, 277 EDI (electronic document Distributed data services, 5 Dongarra, J.T., 80 interchange), 844 Distributed denial of service (DDoS), Dorigo, M., 1016, 1019 eDonkey, 157, 160–161 425, 427, 445, 454, 459–464 Dot.com, 911 Education. See Distance learning; defense technologies in deployment, Dot-com fi nancial boom, 771 Training 459–460 Double data rate (DDR), 82 EDVAC, 279 Distributed directory service, 215 Double spending, 875 EEPROM. See Electrically erasable and Distributed DMZ architecture, 566–567 Down time, 372, 382 programmable memory (EEPROM) Distributed functional plane, 236 zero down time, 679, 687 Efstathiou, E.C., 184 Distributed hash table, 139 Down times, in business services, EGEE project, 46, 52 -based overlay networking storage 672–673 eGranary Digital Library Appliance, 821 system, 173 Dowrick, P.W., 774 Egress edge router, 343, 344 Distributed intelligent broadband Draft Charter on the Preservation of the 8B/10B encoding, 210–211, 216 network (DIBN), 235 Digital Heritage, 825 801.1x, 579 Distributed intelligent networks, Dragonfl ies, 327 802.11a, 919 235–248 Drug delivery system, 1052 802.11b, 919, 925 basics, 235–238 Drury, D.H., 772 802.11g, 919–920 common object request broker Druschel, P., 179 802.11i, 579, 920 architecture, 239–241 DShield, 415 802.11n, 920 distributed processing Dsniff, 391 802.1(X), 787 technologies, 239 D’souza, A., 834 Einstein, A., 286 dynamic code deployment, 241 DSpace, 814, 817–818 EJB. See Enterprise Java Beans (EJB) IN protocol stack, 236–237 Dual-homed host, 569 Elasticity, 760–761, 765 intelligent broadband networks, Dual in-line memory module (DIMM), ElcomSoft, 587 238–239 82, 90 Eldred, Eric, 810 Java and, 247–248 Dual interface cards, 252 Eldritch Press, 810 mobile agents, 241–242 Dublin Core metadata best E-learning. See Distance learning open service architecture/parlay, practices, 816 Electrical access control (EAC) 244–245 Dumpster diving, 391–392, 397, 400, systems, 610 Parlay Group, 244–245 589, 600 Electrical anomalies, 603–606 Parlay/SPIRITS approach, 247 Dust, 607 electromagnetic interference, 606 STARLITE approach, 245–246 Duty cycle, 663–664, 669 electrostatic discharge, 605–606 Distributed management task force, 199 DVD media backup, 645, 665, 968 lightning precautions, 603–604 Distributed object sharing, 300 D-WARD, 460 power conditioning, 603 Distributed presentation, 5 Dye thinning, 666 surge protectors and line fi lters, 604 Distributed processing Dynamic code deployment, 241 uninterruptible power supply, environment, 241 Dynamic data authentication, 265 604–605 Distributed processing principles, 241 Dynamic host confi guration protocol Electrically erasable and programmable Distributed processing (DHCP), 8–9, 318, 716 memory (EEPROM), 254, 266 technologies, 239 Dynamic packet fi ltering, 726 Electrical noise, 629 Distributed-reliability protocols, Dynamic programming Electromagnetic interference (EMI), 304–305 algorithm, 303 606, 629 Distributed search, 143–144 Dynamic taint analysis, 412 Electromagnetic radiation, 625–626 1074 INDEX

Electronic article surveillance (EAS), Electronic mail alert services, 931 security breaches and, 634 974, 980, 981, 984 Electronic money, forms of, 871–872 security issues and practices, 738 Electronic bill presentment and Electronic Monitoring & Surveillance virtual work and, 779–780 payment, 792, 798, 799, 872, 880 Survey (AMA), 689 viruses, 734–735 Electronic business XML, 865 Electronic payment system(s) viruses, avoiding, 448 Electronic cash, 875–876, 883–886 credit-card-based, 872–874, 880–882 virus scanners and, 399 Electronic check conversion, 799, 875 debit-card-based, 874 E-mail and Internet use policies, 481, Electronic checks, 877–878, 885 defi ned, 887 624, 627–628, 689–711 Electronic code book mode, 510 electronic bill presentment/payment, balancing business needs and Electronic commerce, 843–857 872, 880 employee privacy rights, 692–696 applications, 951 electronic cash, 875–876, 883–886 children’s personal data, protecting, broadband wired/wireless networks electronic checks, 877–878, 885 702–703 and, 847–848 electronic funds transfer, 874–875, communicating, to employees, 700 business models, 849–851 882–883 constitutional rights, protecting, 707 business-to-business e-commerce, electronic purse/stored-value card, coordinating with other policies, 852–853 876, 885 699–700 buyer-seller relations, 855 electronic wallets, 877, 880 disability and medical confi dentiality current status, 845–846 fair exchange, 871 concernts, 706–707 defi ned, 844 micropayment, 876, 884–885 disciplining employees for direct e-mail/viral/multichannel mobile payment system, 878–879, 886 misuse, 705 marketing, 852 network requirements, 870 discrimination and harassment economic impacts of, 854–856 privacy for payer/payee, 871 concerns, 705–706 effects on markets/prices, 854–856 representative technologies, 880–883 drafting, 690–692 encryption methods in, 848–849 requirements for, 869–871 employee blogging, 699 global trends, 846 security requirements, 870–871 employment contracts, respecting, history of, 844–845 types of, 871–879 707–708 incentive and loyalty programs, Electronic product code (EPC), 976, enforcing, 700 851–852 981, 984 federal labor law protections, 707 Internet and e-commerce Electronic purse, 875, 876, 885, multinational employers and, 696 standards, 848 886, 887 policy implications, 702 online content distribution, 853–854 Electronic surveillance, 704 protecting computer networks, online retail marketing strategies, Electronic tape vaulting, 679 701, 702 851–852 Electronic theses and dissertations, protecting personal data of third personalization/customization/ 808–809, 827 parties, 702–703 recommendation systems, 851 Electronic vaulting, 687 protecting proprietary information, pricing, 855 Electronic voting systems, 505 700–701 trust/security/privacy, 856 Electronic wallet, 877, 880, 887 purpose and function of, 690–692 Electronic communications Electronic workplace monitoring, 710. scope of, 696–699 defi ned, 784 See also E-mail and Internet use spam, 700–702 evolving forms of, 696–697 policies virtual workplaces and, 697–699 Electronic Communications Privacy Electrostatic discharge, 605–606 E-mail-based person-to-person Act, 695, 784 Elementary time unit (ETU), 266 payment, 875 Electronic community, 899 Elemica, 867 E-Mail Rules, Policies and Practices Electronic data interchange, 860–867 Elephants, 327 Survey (AMA), 689 applications, 866–867 Elliptic curve cryptography (ECC), E-mail security, 469–484 benefi ts of using, 861–862 923–924 anti-hoax and chain mail policy, business applications of, 860–861 Elsevier, 807 481–482 business strategies supported E-mail, 733–736. See also E-mail anti-spam policies, 482 through, 861 and Internet use policies; E-mail attachment risk level categories, implementation and best security 475–476 practices, 865 acceptable use of, 481 chain letters, e-mails, and hoaxes, industry conventions, 865 advantages and features of, 734 477–478 Internet-based, 863 awareness information, 30 codes of conduct, 482 motivation for using, 860–861 backup and recovery, 640 fraud, 478–480 potential problems/limitations of, 862 components, 734 policy-based solutions, 480–481 security, 865–866 current systems, 734 social and antisocial issues, 469–474 standards, 863–865 defi ned, 733, 739 spam and related abuse, 474–482 traditional EDI communications, disadvantages and vulnerabilities of, threats and extortion, 480 862–863 734–735 viruses and worms, 441, 471–473 UN/EDIFACT standards, 864–865 documents as matter of federal E-mail server, 8 X12 standard, 864 record, 784 E-mail worms, 458 Electronic detection, 974 e-commerce and, 852 EMI (electromagnetic interference), 606 Electronic forms exchange, 863 fi lters and usage policies, 735–736 Emotion, and social engineering, 385 Electronic fund transfer system, history of, 733 Employease 2006, 745 874–875, 882–883, 887 mandatory parts of, 733 Employees Electronic journals (e-journals), phishing and, 392–393 awareness of security threats, 785 807–808, 827 publicly available Web-based disciplining, for Internet misuse, 705 Electronic libraries. See Digital libraries providers of, 734 electronic monitoring of, 704 INDEX 1075

express or implied employment Enterprise application integration, Evans, D.S., 791 rights, 707–708 34, 43 Eve, 506, 510 government, 707, 708–709 Enterprise ASP, 753 Event, 290, 296 preventing criminal activity by, Enterprise Java Beans (EJB), 10 Event-distribution network (EDN), 145 703–704 Enterprise resource planning Evidence-collecting technology, 634 respecting constitutional rights applications, 743, 745 EVOLVE tailoring platform, 25, 26 of, 707–708 Enterprise risk management, 651 Exchange, 186, 212–213, 216, 223 security breaches and, 636 Enterprise solutions, 189 Exchange-based mechanisms, 169 security policies and, 396 Entertainment, mobile, 915, 916 Exchange-based P2P fi le-sharing union-represented, 708 Entropy, 593 systems, 177–178 Employee’s Guide to Security Entropy coding, 765 Exclusive news site model, 938 Responsibilities, 392 Enveloping, 516 Execution, 290, 296 Employment, growth of, 966 Environmental conditions, 606–608 Exhange, 210 Employment laws (U.S.), 705–709 foreign substances, 607 Exhaustive search attack, 507, 586 constitutional rights, respecting, 707 inappropriate forces, 607–608 eXist, 814 disability/medical confi dentiality ruggedization of equipment, 608 Expedia, 947 concerns, 706–707 temperature and humidity, 606–607 Experience industry, 956–957 discrimination/harassment concerns, Environmental control, 614–618 Explicit congestion notifi cation, 351 705–706 emergency egress, 614–615 Explicit forward congestion indication employment contracts, respecting, fi re detection, 615–616 (EFCI), 350 707–708 fi re preparedness, 614 Exponential weighted moving average, federal labor law protections, 707 fi re prevention, 615 760, 765 union-represented employees Environmental hazards, and personnel, ExSourcers, 742 and, 708 621–622 Extended STEPS, 22 Employment Practices Data Environmental threat sources, 356 Extensible authentication protocol Protection Code (UK Information EPC (electronic product code), 976, (EAP), 579 Commissioner), 694 981, 984 Extensible markup language. See XML Emulation, 824 EPCglobal, 976, 981 (extensible markup language) Enabling Grids for E-sciencE (EGEE) Ephemera, digital, 809 Extensible messaging and presence project, 46 Ephemeral ports, 569 protocol (XMPP), 155, 166 Enabling responses to anomalous live E-policy, 760, 765 Extensible stylesheet language disturbances (EMERALD), 410 E_Port, 207 transformation (XSLT), 74 Enabling technologies, 9–13 Erbium-doped fi ber amplifi er, 96, 1022, Extension-by-inheritance middleware, 9–10 1029, 1032 philosophy, 999 networking, 11–13 eReader, 806 External disk drive, 667 Enabling technology, 14 Ergonomics, 4, 622 Extortion, e-mail, 480 Encapsulating security payload ERIC database, 826, 827 Extranet, 13–14, 14 (ESP), 499 Ericsson, 756 hybrid extranet, 491 Encoding, 274, 719, 1036 Erlang, A.K., 326, 329 private extranet, 491 Encryption, 43, 68, 398, 437, 647–648, Error, 269, 284 public extranet, 491 648, 653, 724, 735, 738, 739, 871 Error-correcting codes, 274 service provider, 491 defi ned, 516 Error-detecting, 274 Extranet VPNs, 491, 492, 502 e-commerce and, 848–849 Error recovery, 276 Extremely Reliable Operating System malicious code transfer and, 474 Escalation, 637 (EROS), 1001 removable media and, 669 Espionage, 982 ExxonMobile Speedpass, 886, 975 Encryption algorithm, 506 ESPIRIT program, 886 e-zines, 928, 938 Encyclopedia Titanica, 817 Ethereal protocol analyzer, 390 End of frame (EOF), 233 Ethernet, 83, 90, 576 Fabric log-in, 215 End of frame delimiters, 211 sniffi ng attacks and, 429 Fabric shortest path fi rst (FSPF), 198, Endoplasmic reticulum, 1036, 1052 Ethernet, industrial, 608 202, 213 End-point/edge admission control, 344 Ethernet link aggregation, 321 Face-to-face social engineering, 391 Endpoint element, 65 Ethics, 482, 483 FaceTime Communications, 738 End-point reference, 67 Europay, 264–266 Facilitated Risk Assessment Program End-to-end considerations, 994 Europe, mobile phone usage in, 697 (FRAP), 358, 360–361 End-to-end fl ow control, 214, 223–224 European Data Protection Facilities, physical security for, 609–621 End-to-end performance, 340 Directive, 710 access control components, 611 End-to-end tunneling, 493 European Digital Hierarchy, 322 access control for spaces, 609–614 Energy effi ciency, and molecular European Sixth Framework barriers and openings, 609–612 communication, 1038 Programme, 52 detectors and alarms, 612–614 Enhanced Backup Solutions Initiative European Technical Standards other disaster preparedness, 620–621 (EBSI), 680 Institute, 262 wind, seismic, and explosive forces Enhanced observed time difference European Telecommunications preparedness, 619–620 (E-OTD), 921 Standards Institute, 235 Facility, 687 enLeague, 786 European Union FAFNER, 46–47 EnrichUK program, 802 employee privacy/data protection Failover, 372–373, 382 Enrollment, 550 and, 696 Fail-safe circuit, 278 Enrollment record, 540 privacy and data protection, 692–693 Fail-silent fault, 375, 382 Entangled photon pairs, 1026 workplace-specifi c laws, 693 Failure, 269 1076 INDEX

Failure-to-acquire rate, 543, 550 Federal Bureau of Investigation (FBI), File type, 483 Failure-to-enroll rate, 543, 550 541, 632, 895 File viruses, 470 Failure rate, 270, 375, 382 Federal Express Corp. v. Dutschmann Filter, 739 Failure rate of function, 270 (1993), 708 Filters, photonic crystals and, Fair exchange, 871 Federal Records Act, 784 1023–1024 Fair information practices, 693 Federal Reserve System, 798 Financial services, mobile, 916 Fair queuing, 347 Federated database systems, 300 Financial Services Technology Fair use, 710, 806 Federated fabric, 195 Consortium, 886 Fake Web site attack, 589 Federated storage, 119 Fingerprint biometrics, 541, 548, 797 False acceptance rate, 543, 544, Feedbacks, 1020 Fingerprints (hash function), 584 546, 550 Feldman, M., 172, 173 Finger table, 140 False alarms, 434 Felegyhazi, M., 183 Fire preparedness False match rate, 545, 550 FeliCa card, 886 detection, 615–616 False negative, 452 Fennelly, L.J., 612 emergency egress, 608, 609, 614–615 False nonmatch rate, 545, 550 Ferguson, P., 488 environmental control, 614–618 False positive, 452, 483 Feynman, R.P., 286 fi re preparedness, 614–618 False rejection rate, 543, 545, Fiber-optic cabling, 322 fl ood preparedness, 618–619 546, 550 Fiber optic technologies, 95 gaseous alternatives to halon, Family Educational Rights and Privacy Fibre Alliance, 200 617–618 Act of 1974, 392 Fibre channel, 85, 205–216, 233 halon, 617 Family and medical leave, 706, 710 addressing, 209–210 lighting and surveillance, 612 Fan, R., 295 classes of service, 214 mitigation, 616 Fan clubs, 906 defi ned, 216 preparedness, 614 Fanning, Shawn, 152, 157 development of, 196 prevention, 615 Faraday, Michael, 974 distributed services, 215–216 recovery, 618 Faraj, S., 901 elements, 207 suppression, 616–617 Farhoomand, A.F., 772 fabric routing, 213 total fl ooding with gaseous Fast Ethernet, 83, 90 fl ow control, 214–215 agents, 617 Fast Internet traceback, 462 information transmission hierarchy, water-based suppression, 618 FastTrack, 152, 158, 159, 161 210–213 Firewall(s), 8, 398, 553–569, 739 Fault, 284 mapping other protocols to, 215 advantages/disadvantages of, 554 Fault, defi ned, 269 media access control, 213–214 air gap architecture, 567–568 Fault avoidance, 270, 284 protocol architecture, 205–7 architecture design elements, 564 Fault containment, 270 technology, 189 defense in depth design philosophy, Fault detection, 270, 273, 274 topologies, 208–209 562–564 Fault location, 270 transmission media, 208 defi ned, 569 Fault management, 716, 728 Fibre channel arbitrated loop denial of service attacks and, 459 Fault masking, 270, 273, 274 standard, 193 enterprise fi rewall architectures, Fault recovery, 270, 273 Fibre-channel-based SANs, 193 562–564 Fault resilience, 373 Fibre-channel ID, 209 functionality, 553–557 Fault-secure circuit, 278 Fibre Channel Industry Association, multitiered/distributed DMZ Fault tolerance, 270, 274, 284, 373 200, 208 architecture, 566–567 defi ned, 269 Fibre-channel over IP (FCIP), 198 packet-fi ltering routers, 564 Fault-tolerant building block Fibre channel over TCP/IP, 228, 233 perimeter fi rewall architecture, computer, 279 Fibre-channel topologies, 196–197 564–565 Fault-tolerant computing, 269, 284 Fich, F., 294 perimeter security, 563–564 Fault-tolerant multiprocessor, 279 Field programmable gate array (FPGA), screened subnet (DMZ) architecture, Fault-tolerant spaceborne 89, 103, 1002 565–566 computer, 279 Figueiredo, D., 171 security and, 427 Fault-tolerant systems, 269–285 Filament, 1047, 1052 server/host fi rewall architecture, 565 defi ned, 269 File allocation table, 266 technology analysis, 561–562 hardware redundancy, 273–274 File and application servers backup, types of, 557–561 information redundancy, 274–275 645–646 virtual private networks and, 497 modeling, 270–273 File and boot viruses, 470 FireWire, 669 need for, 269 File-infecting viruses, 446 First Internet Bank of Indiana, 792 networking, 283 File-integrity checkers, 634 First Network Bank, 791 self-checking design, 278–279 File sharing, 17, 144, 166, 170–178, 186 Fischer, M.J., 294 software redundancy, 275–278 auction-based, 175–177 Fischer v. Mt. Olive Lutheran Church survey of, 279–283 BitTorrent, 170 (2002), 696 terminologies, 269–270 cost of sharing, 171–172 Fixed spoofi ng, 459 time redundancy, 275 exchange-based, 177–178 Flaming, 469 Fault-tolerant TCP, 283 game theoretic modeling, 174–175 Flammable, 629 Fax server, 8 hierarchical P2P systems, 170 Flash, 938 FDIC, 798 payment-based, 170–171 Flash drives, 645, 667 Feasibility assessment, 753 penalty-based approaches, 173–174 FlexiBeans, 25 Features, 549, 550 P2P applications for, 157–162 Flexibility, client/server, 3 Feature vectors, 405 File transfer, 43 Flickr, 827 Feaver, Douglas, 936 File transfer protocol (FTP), 9, 90, 153 Flocchini, P., 294 INDEX 1077

FLOGI (fabric log-in), 215 Full volume backup, 679 Global loops, 1014 Flooding, 138, 896 Functional entity actions (FEAs), 236 GlobalPlatform, 261–262 ICMP smurf fl ooding, 455 Functional line managers, 633 Global positioning system (GPS), 921, intermittent fl ooding, 455–456 Functional model, 715 925, 952 TCP SYN fl ooding, 455 Functional recovery steps, 682 Global schema multidatabases, 300 user datagram fl ooding, 455 Global service logic (GSL), 236 Flooding algorithm, 291 Gafni, E., 295 Global state, 296 Flood preparedness, 618–619 Gagne, R., 963 Global-state recording algorithm, anticipation, 618–619 Galegher, J., 901 291, 296 detection and mitigation, 619 Galinsky, E., 772 Global system for mobile recovery, 619 Gallica, 816 communications (GSM), 266, 878, Floor control, 765 Galton, Sir Francis, 541 918, 925 Flow, 327 Games Globus project, 67–68, 76, 307, 308 Flow control, 214–215, 223 commercial online game industry, 905 Globus Toolkit, 49, 50–51, 73, 115 FL-PORT, 207 multiplayer, 903 GL_Port, 207 Fluid Dynamics software, 817 Game theoretic modeling, 174–175 G-Monitor, 116 Fluid model, 337 Game theory, 29 GNU, 90 Folding@home, 164 Gannett Newspapers, 934, 936 Gnutella, 131, 136, 147, 159–160 Fong, M., 415 Gannon, Jeff, 931 Goat machines, 450 Fonseca, R., 295 Gap-junction channel, 1040, 1052 Gonzalez, M.G., 769 Food and Drug Administration, 976 Garcia-Molina, H., 171, 173 Good, R., 772 Foreign function interfaces, 257 Garfi nkel, S., 606, 608 Google, 154, 387–389, 806 Forensics, 637 Garner v. Loomis Armored, Inc. Google News, 934 Forgery, 391 (1996), 694 maps, 388 RFID and, 983 Garrison, D.R., 834 newsgroups, 388 Forrest, S., 407, 1015, 1019 Garrity v. John Hancock Mutual Life phone listings, 388 Forward error correction, 763, 765 Insurance Company (2002), 694 Google Hacks (Calishain and Forwarders, 142 Gates, Bill, 395, 775 Dornfest), 388 Forwarding attacks and defenses, 465 “Gateway,” 928 Gordon, L., 627 Forward recovery, 276 Gaze awareness, 764, 765 Gorsky, P., 834 Foster, I., 66, 307 Gbps, 90 Gossip protocol, 138 Foundation for Information Policy General inter-object request broker Government employees, 707, 708–709 Research, 261 protocol (GIOP), 239, 248 G_Port, 207 Foundation for Intelligent Physical General inter-ORB protocol (GIOP), 38 Gragg, D., 396, 397, 400 Agents (FIPA), 242 General Motors Company (GMC), 693 GRAM (Grid Resource Allocation 4-Gbps technology, 193 General packet radio service (GPRS), Manager), 68, 75–76 4G, 919 918, 925 Gramm-Leach-Bliley Act of 1999, Fourier transform, 331 General Purpose Processors (GPPs), 1002 392, 797 419 scam, 479, 483 Generational backup, 643 Graphical user interface (GUI), 390, Fourth Amendment rights, 708 Generic Active Messages, 86–87 561, 891 Fox, E., 818 Generic collaborative architecture, GUI-based e-mail clients, 734 Fox News Channel, 935 23–24 Graphic interchange format (GIF) F_port, 207, 220, 233 Generic query, 303 fi les, 811 Fractional Brownian motion, 333, 337 Generic routing encapsulation Green Book, 583, 593 Fragment allocation, 302 (GRE), 502 Green fl uorescent protein, 1044, 1052 Fragmentation, 301, 309 Genome@home, 164 Greenstein, D., 801 Frame, 210, 211–212, 216 Geographical information systems, 952 Greenstone Digital Library, 814 Framework of Guidance for Building Geo-location software, 797 Greenwald, M.B., 177 Good Digital Collections, 826 Geopolitical certifi cation authority, 881 Grid, 90 Framing protocol, 222–223 George, S., 1019 Grid applications layer, 113, 116 Frampton v. Central Indiana Gas Co. Gerke, K., 606 Grid Bank, 116 (1973), 694 Ghosh, A.K., 406, 423 Grid book, 307 France Telecoms Orange division, 778 Gift cards, 876 Gridbus broker, 116, 119 Frankel, Justin, 159 Gigabit Ethernet, 83–84, 90, 94, 99–100, Gridbus project, 116 FRAP, 360–361 106, 321 Grid computing, 45–59, 63–77, 127, Fraud, 795 Gigabit interface converter (GBIC), 308–309 Freenet, 146, 162–164 222, 233 Apache WSRF, 54 Free-nets, 907 Gilder, George, 770 concepts and components, 48–50 Free-riding, 168, 169, 173–174, 186 Gillette, 976 CROWN, 55–56 Free traffi c, 333 Glaser, R., 963 early experiences in, 47 Freeware programs, 445 gLite, 52, 60 evolution of, 46 Freshness, 572 Global conceptual schema, 309 FAFNER, 46–47 Friis, Janus, 155, 158 Global distribution systems, 943 features summary, 59 FTP (fi le transfer protocol), 90 Global Exchange Services, 863 grid defi ned, 45–46 Full backup, 642, 648 Global Grid Forum, 48, 66, 307. See also infrastructure, 63–68 Full-duplex Ethernet, 321 Open Grid Forum (OGF) instantiations, 50–51 Full-interruption testing, 683 Global intrachip communications I-WAY, 47 Full-service providers (FSPs), 742 infrastructure, 105 OMII_2, 57 1078 INDEX

Grid computing (cont.) G.728 standard, 763 Herring, S., 894, 901 PyGridWare, 57 Gu, Q., 465 Herschel, William, 541 resource management, 72–74 Guan, B., 657 Hertz, Heinrich Rudolf, 974 security, 68–72 Guaranteed service, 318 Herzberg, A., 822 software components for, 67–68 Guessing attack, 570 Heterogeneity, 413 standards, 66–67 GUMS (Grid User Management Heuristic scanning, 450, 452 UNICORE, 51–53 System), 72 Hewlett-Packard, 122, 764 user interface/workfl ow management, Gunawardena, C.N., 836 HF (high frequency), 984 74–76 Gupta, R., 175, 183 Hierarchical networks, 321 Web services, 63–66 Gupta, U.G., 657 Hierarchical P2P systems, 170 WSRF::Lite, 53–54 Gwertzman, Bernard, 936 Hierarchical topology, 321 WSRF.NET, 54–55 High availability, 373 GriddleS library, 76 Ha, Ju-Yong, 928 High-availability clusters, 81, 202 Grid fabric software layer, 113 Habib, A., 179 High Availability Linux project, 81 GridFTP, 68 Hackers, 384, 737 High Availability OSCAR Project, 81 Grid Information Services, 68 Hacking, 633, 635, 637 High frequency (HF), 979, 984 Grid Interoperability Project, 51 Hajek, B., 176 High-performance computing Grid-map fi le, 76 Half-duplex 10-Mbps Ethernet, 321 clusters, 81 Grid market director, 115 Halford v. United Kingdom (1997), 692, High-performance computing Grid Market Directory, 116 698 systems, 94 GridMedia, 147 Hallam-Baker, Phillip M., 886 High Performance Debugging Grid middleware, 115 Halon (halogenated agent), 617, 629 Forum, 88 GridNexus, 75 Hammer, J., 306 High speed connections, 929 Grid portals, 74, 76 Hamming code, 280 HIPAA, 706 Grid Quality of Service Hamming distance, 274, 1015, 1020 History and Politics Out Loud, 809 Management, 1211 Hamming weight, 253, 266 Hitlist scanning, 458 Grid Resource Information Service, 68 Hancock, W.M., 613 HMAC protocols, 728 Grids. See Utility computing; specifi c Hand geometry readers, 547–548 Ho, P., 133 type of grid Handoff management, 725 Hoaxbusters Web site, 477 GridSAM, 57 Handshake protocol, 575 Hoaxes, 444, 477–478 Gridscape, 116 Handwriting analysis, 541 Hofmeyr, S.A., 407, 1015, 1019 Grid Security Infrastructure, 51 Happened-before relation, 296 Hole-assisted fi bers, 1024 Grid service, 49, 66 Harassment, 705–706, 894 Holey fi bers, 1024 Grid users, 115 Hard disk technology, 666–667 Holmberg, B., 832–833 Grid Web Service Description Hardening, 636, 637 Home location register (HLR), 725 Language, 67 Hardware Home offi ces/worksites, regulations and Grimoires, 57 cluster computing and, 89 laws governing, 783 GRIP model, 781, 782 costs, and media storage, 664 Homeostasis, 1013, 1020 Groove, 20, 21, 135, 156–157 Hardware redundancy, 273–274 Homogenization, 306–307 Groove Workspace, 26 Hardy, Norman, 582 Honeypots, 434 Gross, Ben, 801 Hariri, S., 1013, 1014 Hop-by-hop admission control, Group, 537 Harley-Davidson, 908 343–344 Group calendar, 17 Harrison, V.M., 769 Hop-by-hop performance, 340 Group decision support systems, 17, 20 HARTs (high availability with redundant Hop-by-hop source authentication, 465 GroupKit, 26, 27 TCP stacks), 283 Horizontal ASP, 745, 753 Grouplet service classes, 23 Hash function, 148, 509–510, 516 Horizontal fragments, 301–302 GroupSystems, 20 Hashing, 584–585 Hose model, 502 Groupware, 16–30, 166 Hasle, H., 400 Host authentication, 575–579 application classifi cations, 17–19 Hate speech, 894 interactive media, 579 application examples, 19–21 Hausheer, D., 177 Internet protocol security, 578 architectures, 23–24 Haystack, 404 Kerberos, 577 component platforms and toolkits, Hazard function, 270 one-time passwords, 576–577 25–27 Hazardous materials, housing, 620 pretty good privacy, 577–578 defi ned, 30 Headline, 938 remote log-in, 575–576 designing, 21–27 Head-of-line blocking, 323, 325 secure shell, 576 functionality, 16–17 Health Insurance Portability and wireless networks, 578–579 “soft side of,” 29–30 Accountability Act (HIPAA), 200, Host-based attacks, 456 tailorability, 27–29 392, 650, 681, 706, 784 Host-based computing, 5 trust/privacy and, 29 Heating ventilation air conditioning Host-based intrusion detection, types of, 16 (HVAC) 413–415 Groupware reference model, 30 defi ned, 629 Hosted backup services, 647 Groupware service module elements environmental control and, 614 Hostile work environment, 689, 696, (GSMEs), 24 fi re mitigation and, 616 703, 705, 706, 710 Groupware service modules (GSMs), 24 temperature and humidity and, Hosting service, 745 Grudin, J., 17 606–607 Hostname, 410 Grueskin, Bill, 937 water damage and, 603 Hotel industry, 945–946 G.711 standard, 763 Hellman, Martin, 511 Hotelling, 777–778 G.722 standard, 763 Henderson, S., 775 Hot failover, 373 INDEX 1079

Hot site, 659, 677 Ileri, O., 182 Infrastructure wireless network Hot standby sparing, 273 Ilgun, K., 410 mode, 578 Hot-swappable drive confi guration, 667 Ilium Software, 880 Ingress edge router, 343, 344 Hot vs. cold backups, 642 IM-Age, 739 Ingress policing, 342 HP OpenView, 726 Image backup, 678 Inheritance model, 999 H.323 protocol, 579 IMAP (Internet Message Access Inhibit signals, 1019 HTTP (hypertext transfer protocol), 63 Protocol), 8 Initia TEK, 786 Hu, Y.C., 465 IMlogic, 738 Initiator, 291, 296 Hubaux, J.P., 183 Immediate failover, 373 Innocent Images program, 895 Hubs, 194 Impact, 356, 422 IN protocol stack, 236–237, 236–238 Human-borne information, 623 Impact attacks, 459 INRIA Videoconferencing System, 756 Human-computer interaction, 4 Impersonation, 391, 395–396, 469, 589 Insider studies, 910 Human factors analysis, 4 Improved-effi ciency business model, Insight, 815 Human identifi cation science. See 917–918 INSIGNIA, 238–239 Biometrics IN application protocol, 236 Insourcing, 646 Human threat sources, 356 Incentives, 186 InspireD project, 261 Humidity, 596, 606–607, 607 Incident, 637 Instance-based learning, 405 Hummer project, 415 Incident response, 399, 438, 637 Instant messaging, 16, 166, 390, 733, HummingBird, 415 Incoming request queue (IRQ), 177 736–738 Hunt groups, 206 Incremental backup, 642–643, 648, advantages and features of, 737 Hurricane Katrina, 626 654, 679 awareness information, 30 Hurricane preparedness, 619–620 Independent, 938 current systems, 737 Huston, G., 488 Index/index mechanisms, 143–144 defi ned, 736, 739 Huxley, John, 664 Indexing, 827 disadvantages and vulnerabilities Hybrid attacks, 586, 593 Index of dispersion workload (IDW), 330 of, 737 Hybrid extranet, 491 Index middleware, 147 Groove Workspace, 26 Hybrid malware, 471, 483 Inductive generalization, 405 history of, 736–737 Hybrid money, 871–872 Industrial engineering, 4 safeguards and usage policies, Hybrid services, 245 Industrial Ethernet, 608 737–738 Hype and dump spam, 479 Industry Standard Architecture security issues and practices, Hyperion Digital Media Archive, bus, 82 738–739 814–815 Infeld, L., 286 Skype, 20 Hypermedia, 938 Infi nera, 97 virtual work and, 779 Hypertext, 933, 938 Infi niBand, 84–85, 90, 94, 197 Institute of Electrical and Electronics Hypertext markup language (HTML), Information Engineers (IEEE) 802.5 7, 64 government requests for, 704–705 protocol, 213 Hypertext transfer protocol (HTTP), 63 security of, 781, 784 Institute for Museum and Library Information and Communications Services, 802, 826 ibiblio, 809, 827 Technology (ICT), 775, 787 Instrusion-detection system, 637 IBM, 1013, 1014 cognition/social activity and, 780 Instrusion prevention systems, 400 business resilience framework for, 686 virtual work and, 779 Insurance, 676 DES cipher, 508 Information gain, 408 Intangible costs, 674–675 e-business on demand, 124 Information mining, 623–624 Integrated approach, 987 Lotus Sametime, 738 Information model, 715 Integrated circuit card, 266 Tivoli, 726 Information overload, 385, 772 Integrated services (Intserv), 351 videoconferencing and, 756 Information-processing equipment, Integrated services digital network Websphere, 66 601–609 (ISDN) user part, 236 IBM 650, 279 electrical anomalies, 603 Integrity, 43, 361, 387 iChat, 756 environmental conditions, 606–608 Integrity checksums, 495 ICQ, 896 physical access control for, 608–609 Integrity violations (data), 663 Identifi cation utilities, 601–603 Intel Corporation, 106, 910 RFID and, 980 Information provisioning, mobile, 916 Intellectual property infringement, types of, 581–582 Information redundancy, 274–275 624, 910 Identifi er, 550 Information richness theory, 779 Intellectual property rights, 810 Identify friend or foe (IFF), 944, 974 Information Society Technologies Intelligent agents plane, 26 Identity, 540, 574 Advisory Group, 952 Intelligent broadband networks, 235, Identity-based encryption (IBE), 515 Information technology, 637. See also 238–239, 239 Identity theft, 469, 702, 737, 795 Business requirements of backup mobile agents and, 241–242 IDIAN1415 systems reference architecture for, 242 IDLEs, 211, 213 ASPs as alternative to departments service execution, 242–244 Idle time, 38–39 of, 742 Intelligent network applications part IEEE Link Aggregation Task Force, 321 infrastructure mapping, 655 (INAP), 249 IETF Audio/Visual Transport Working Information theory, 583–584 Intelligent Network Conceptual Group, 761 Infosecurity Europe, 393–394 Model, 235 IETF Integrated Services, 344 Infrared communications-based Intelligent network (IN), 248 IFF, 974, 984 protocols, 879 Intelligent peripheral, 238 I-frame, 762, 765 Infrared technologies, 915 Intel ProShare, 756 IIOP (Internet Inter-ORB protocol), 10 Infrastructure attack, 459 Intel’s PC camera, 786 1080 INDEX

Interaction grid, 112 Internet domain naming service, 978 Intrusion, 403, 438 Interactive functionality, 7 Internet Engineering Task Force (IETF), Intrusion-detection exchange Interactive marketing, 955 9, 72, 197, 199, 489, 756, 924 protocol, 415 Interactive media, 579 Internet fi bre-channel protocol Intrusion detection in our time Interactivity, 929, 931, 938 (iFCP), 198, 233 (IDIOT), 411 Intercomponent relationships, 27 Internet inter-ORB protocol (IIOP), 38 Intrusion-detection message exchange Interface, 65 Internet key exchange, 499, 502, 578 format, 415 Interface defi nition language (IDL), 10, Internet mail access protocol Intrusion-detection sensors, 613 14, 36, 239 (IMAP), 734 Intrusion-detection systems, Interface description language, 63 Internet-only banks, 792 400, 403–417, 438, 557, Interface device, 257, 266 Internet protocol (IP), 381. See also 634, 739 Interface layer, 225–226 Voice over Internet protocols abstraction-based, 411 Intermediary, 854, 857 (VoIPs) anomaly detection, 404–409 Intermittent failures, 269, 375 link aggregation and, 321 biologically inspired, 1015 Intermix, 214 request for address, 318 host-based, 413–415 Internal fi rewalls, 560, 569 Internet protocol security, 578 information-theoretic measures, 408 International Committee for Internet protocol stack, 12–13, 14 intrusion-alert correlation, Information Technology Standards application layer, 13 415–417 (INCITS), 193 data-link layer, 12 misuse detection, 409–413 International network standards, 235 networking security vulnerabilities, 13 sharing information with, International Organization for network layer, 12 414–415 Standardization (ISO), 665, 981 and OSI model compared, 12 specifi cation-based methods, 408 accounting management, 717 physical layer, 12 Intrusion-prevention systems, 398 confi guration management, 716 transport layer, 12–13 Inventory control, 976 fault management, 716 Internet Public Library, 808 Inventory of Canadian Digital OSI reference model, 715 Internet relay chat, 390, 736, 768, Initiatives, 802 performance management, 717 889–896, 911 Iomega, 667 security management, 716–717 behavioral features of, 894 IP address, 8–9 International resource identifi er, 64 children and, 894–895 IP-based extension solutions, 228 International Standards client software, 891 IP multicast, 765 Organization, 979 common user commands, I-policy, 760, 765 International Telecommunication 892, 893 IP security (IPSec), 499–500, Union, 69, 235, 756 conversational dynamics and, 502–503 International Visa, 261 892, 894 IP storage technologies, 198 Internet, 13, 14. See also E-mail; E-mail defi ned, 896 IP telephony. See VoIP (voice over and Internet use policies; Internet future of, 896 Internet protocol) relay chat; Online communities hate and harassment on, 894 IP traceback, 462–463 authentication, 570–571 IRcops/chanops/users, 891–892 IRC client, 891 basic foundations, 4 linguistic features of, 894 IRC daemon (IRCD), 889, 896 chat and instant messaging, 390 security and legal issues, 424–425, Ircle, 891 defi ned, 970 894–896 IRCops, 892, 896 denial of service attacks, 454–457 servers/networks/channels, Iris recognition systems, 541 e-commerce standards adn, 848 889–891 iSCSI (Internet SCSI), 198, 205, 216, EDI communications and, 863 Internet security association key 228, 230–233, 682 e-mail standards, 8 management protocol, 499, 578 address and naming conventions, fi bre-channel protocol, 228–229 Internet service provider (ISP), 748 231–232 impact of, on travel behavior, Internet telephony. See VoIP (voice over error handling, 232–233 953–954 Internet protocol) network architecture, 230–231 networking categories and Internet use policies. See E-mail and protocol-layer model, 231 components, 11–12 Internet use policies security, 233 personal information available on, Internetworking device capacity, 323 session management, 232 387–388 Interoperability, 30, 133, 239. See also iSCSI (Internet SCSI) standards, 197 programming implementation and, 35 Internet protocol stack iSLIP, 323 social networking sites, 389 client/server, 3 ISO. See International Organization for travel/tourism and, 949–954 Groupware and, 22 Standardization (ISO) Internet2, 969 Interoperability Specifi cations for ISO 14443-based proximity devices, Internet Architecture Board (IAB), 714 Integrated Circuit Cards and 878–879 Internet Archive, 809, 824, 827 Personal Computers, 256 ISO 15693-based vicinity devices, 879 Internet Assigned Numbers Interorganizational information Isolation, 780 Authority, 993 system, 860 iSuppli Corporation, 200, 202 Internet-based backup, 653 Interpacket communication (IPC), 991 Itao, T., 1017 Internet-based EDI, 867 Interrupted Poisson process (IPP), Item tracking, 979 Internet-based solutions 332, 345 IT outsourcers, 633 access control for, 530–536 Interworking object (IwO), 241 IT security, 637 XML-based access control languages, Intranet, 13, 14, 970 IT security staff, 633, 637 530–531 Intranet VPNs, 490–491, 492, 502 IT security tripod model, 469 Internet-based threats, 676 Introduction to Digital Libraries iTunes, 158, 854, 932 Internet control message protocol, 428 (Chowdhury and Chowdhury), 824 ITU-T H.323 standard, 29 INDEX 1081 ivs (INRIA Videoconferencing Kang, S.S., 184 Late fees and penalties (downtime System), 756 Kanuka, H., 833, 836, 839 and), 674 i-WAT, 171 Karp, B., 412 Latency, 80, 81, 90, 98, 269, 757 I-WAY, 47 Kazaa, 158–159 Laurillard, D., 835–836 Kelleher v. City of Reading (2002), 708 Law enforcement agencies, 633 Jabber, 155 Keller, F.S., 963 Law of diminishing returns, 380 JAIN service logic execution Keller’s Individually Programmed Lawsuits, 636 environment (JSLEE), 247 Instruction (Keller Plan), 963 Layered many-to-one streaming, Jajodia, S., 411 Kelsey, K., 834 178–179 Jamcracker 2006, 745 Kemmerer, R.A., 410 Layer three fi rewalls, 558 Janos, 1001–1002 Kepler, 76 Layer two tunneling protocol (L2TP), Java, 35 Kerberos, 34, 43, 72, 495, 574, 498–499, 503 distributed intelligent networks and, 577, 593 LC connector, 202 247–248 Kerberos ticket, 43 Leader-election algorithm, 286, 287, Remote Method Invocation, 239 Kerckhoffs, Auguste, 507 291, 296 Java 2 Enterprise Edition, 66 Kern, T., 749 Leaky bucket, 351 Java 2 Micro Edition (J2ME), 258–259 Kernel transport network, 241 Leaky-bucket algorithm, 342, 346 Java 2 Platform, Enterprise Edition Kesselman, C., 66, 307 Leaky-bucket-regulated sources, (J2EE), 9 Key, 68, 506, 516 336, 337 Java 2 Security Model, 534–536 KeyGhost, 390 Lean media, 779–780 access control, 535–536 Key logging, 390, 702 LEAP, 579 permissions, 535 Key pair, 516 Learning management system, 970 security policy, 535 King, Stephen, 805 Least privilege principle, 522 JavaBeans, 25 King Soopers, Inc. (2003), 708 Le Boudec, J.Y., 183 Java Card, 259–260 Kleinrock, L., 110, 760 Lee, W., 408, 411, 412 Java Card Forum, 259 K-line, 890 Legacy National Tobacco Documents Java Developer Connection, 907 KMi Stadium, 786 Library, 816–817 Java Message Service (JMS), 9 Knight-Ridder newspaper group, 928 Legacy packets, 989 Java RMI, 63 Knowledge Forum, 839 Legacy proprietary fabric switch Java Server Pages, 7 Knowledge grid, 112 phase, 193 Java Servlets, 7 Knowles, M., 834 Legal costs (in downtime), 674 Java Virtual Machine (JVM), 10, 35 kN redundancy, 374 Legal department, security breaches Jayaram, N., 430 Ko, C., 408 and, 633 Jayaram and Morse’s network security Kohonen, T., 406 Legionnaire’s disease, 621 taxonomy, 430 Kolmogorov complexity, 994, 1003, Lego Corporation, 907 JBOD (just a bunch of disks), 202 1006, 1007 Leighton, R.B., 286 Jet Propulsion Laboratory, 281 Konop v. Hawaiian Airlines (2002), 695 Lesk, M., 802, 822 Jha, S., 413 Kozierok, C.M., 605 Levi, D., 723 JIGSAW, 415 Kozlowski, S.W., 782 Levitt, K., 408 Jiro, 200 Krishna, K., 261 LF (low frequency), 979, 984 Jitter, 318, 325, 757, 760, 765 Kruegel, C., 414 Li, B., 176, 183 Jitter buffer, 761, 765 Kryder’s law, 662 Libra, 116 Jitter control, 760–761 Kryptonite, 931 Library of Congress/Ameritech National Job management system, 52 Kubiatowicz, John, 164 Digital Library Competition, 818 Job scheduling, 73–74, 648 Kumar, R.L., 861 Lightning precautions, 597–598, Job Submission Description Kumar, S., 410, 411 603–604 Language, 57 Kurzweil, R., 827 Lightwave systems, 105 Johns Hopkins University Press, 808 KU SmartPackets, 1000 Lightweight Directory Access Johnson, K., 469 Kwok, Y.K., 184 Protocol, 68 Joint Photographic Experts Group Limewire, 159 (JPG), 811 Labor law protections, 707 Lin, J., 411 Jones, S., 819 Lacity, M., 749 Lindqvist, U., 430 Jonsson, E., 430 Lafl amme, E., 839 Lindqvist’s extension, 430 Jordan, Eason, 931 Laforet, Vincent, 936 Linear barcode, 984 Journaling, 642 Lag, 891, 896 Line fi lter, 604, 629 JPEG 2000, 811 Lagoze, C., 816 Link aggregation, 321 JSR 168 Portlet Specifi cation, 74 Lai, K., 172, 173 Linked collections, 824 JumpDrive, 667 Laiserin, J., 769 Linux, 85–86, 89 Junk mail, 474. See also Spam Lamport, L., 290, 295 access control in, 523–525 Just a bund of disks (JBOD), 202 LAN bandwidth, 321–322 fi les and privileges, 524 Just-in-time (JIT) inventory Land attack, 434 IP-based security, 524–525 management, 861 Landslides, 620 password issues, 590 JViews, 26–27 Lane, T., 405, 406 security-enhanced, 525 JXTA versions, 138, 143 LAN (Local Area Network), 14, security specifi cations, 524 90, 205 user identifi ers and group identifi ers, Kabay, Michel, 469 La Padula, L., 520 523–524 Kablelink, 778 Laptop computers, 609, 622, 770 Liposome, 1039, 1052 Kademlia (Kad), 161 Large, J.A., 801 Lip-synch problem, 21 1082 INDEX

Liquid software, 1000 Maintainability, 284 McLeod, D., 306 Listserv, 911 Makedon, F., 181 McNab, R.J., 819 Live rehearsal, 632, 633–634, 637 Making of America (U. of Michigan), 803 McNamara, J., 626 Load balancing, 81–82 Malicious party, 570–571, 580 MD5, 466 Lobby runs, 798 Malware, 441, 442, 452, 470, 483, 739, MD5 (message digest 5), 509 Local application logic, 5 796, 967, 970. See also Virus(es) Mean time between failures (MTBF), Local area network (LAN), 14, 90, 205 spam and, 477 270, 317, 375, 382, 663, 666 Local bus, 90 writers of, 472 Mean time to failure (MTTF), 270, Localization, 309 Managed object, 728 375, 382 Localization program, 303 Managed service providers (MSP), 742, Mean time to recovery (MTTR), 377, 382 Local loops, 1014 746, 753 Mean time to repair (MTTR), 270, Local presentation, 5 Management Information Base (MIB), 317–317 Local reliability manager, 304 715, 718–719, 728, 1000 Measurement-based admission Local replica catalog, 73 objects contained in MIB-II, 720 control, 345 Local resource management system, 52 structure, 719 Medadata Catalog Service, 308 Location-based services, 917 versions, 719 Media. See also Storage media Location-independent algorithms, 295 Management safeguards, 357 requirements Location management, 725 Management services, 215–216 confi dential data and, 400 Location technologies, 921–922 Manager-to-manager capability, 720 evolution of, 968–969 LOCKSS, 824 MAN bandwidth, 322–323 interactive, 579 Log fi les, 641 Mandatory access control policies, rotation, 662, 668 Logging, 277 519–521 storage and portability improvements, Logical fi le name, 73 Mandayam, N.B., 182 968–969 Logic bombs, 444 Man-in-the-middle attacks, 571 Media access control, 321, 578 Long-range dependence, 330, 337 MAN (metropolitan area network) Media-Builder, 23 Long tail, 849 bandwidth, 316 Media (data storage), 648, 653 Los Angeles Times, 928, 935 Mans, B., 294 Media General, 929 Loss, defi ned, 687 Manuscripts, digital, 809 Media jitter, 757 Loss evaluation Manybooks, 806 Media recovery, 644 intangible costs, 674–675 Mapping, 215 Media richness theory, 29 tangible costs, 674 Marbach, P., 183 Media streaming, 186 Loss priorities, 348 Marchionini, G., 818 Media-streaming systems, 178–182 Lotus Notes, 19, 20 MARINE, 242–244 layered many-to-one, 178–179 Low delay code excited linear prediction B-SS&CP, 242–243 multicast one-to-many streaming, (LD-CELP), 763 service execution node, 243–244 179–182 Lowe, C., 836 Marker messages, 291 MediaWiki, 20 Low frequency (LF), 979, 984 Market, 938 Medical confi dentiality, 706–707 L0phtcrack, 586, 590 Market-based resource allocation, 127 Medium grouplet services, 23 L_port, 220, 233 Marketing business model, 917 Melissa virus, 447, 471 Lucent Technologies, 23 Markov modeling, 272–273 Memory, 82, 89 Luxtera, 97 Markov modulated Poisson process, Memory-based detection, 1015 Lynch, N.A., 286, 294, 295 332, 337, 345 Memory cards, 256 Markup languages, 64, 970 Memory cards with logic, 252 Ma, R.T.B., 175 Marshaling, 66 Memory-only cards, 252 MacGregor, G., 802 Marsland, T.A., 290 Memory pool, 992 Mach-Zehnder modulator, 1030 Mash-ups, 771 Memory stick, 667 MAC-layer attacks and defenses, 465 Mason, R., 837 Merchant certifi cation authority, 881 Macro- and micro-bending of optical Massey, D., 283 Merkle, Ralph, 511 cable, 625 Mass mailer, 470, 471–472, 483 Mesh topology, 321, 380 MacroList, 447 MasterCard, 264–266, 874, 880 Message authentication, 570 Macro viruses, 446–447, 452, 470 Master.com, 817 Message authentication code (MAC), MADAMID, 412 Matsuo, M., 1017 510, 516, 593 Mager, R., 963 Mau, S.C., 182 Message complexity, 296 Magician, 999 Maximum fl ow algorithm, 173 Message of the day (MOTD), 890, Magician Active network, 1007 Maximum transmission units 892, 896 Magnetic ink character recognition, (MTUs), 494 Message delivery, 43 875, 887 Maxion, R., 407, 408 Message digest, 495, 514, 516, 584 Magnetic remanence, 600 Maxwell, James Clerk, 974 Message Digest Algorithm, 584 Magnetic storage media, physical Mbps, 90 Message headers, 483 security for, 597–598 McCarthy, C., 802 Message ID fi eld, 138 Magnetic stripe cards, 251 McCloghrie, K., 724 Message integrity, 509–510, 739 Magnetic tape, 665 McDaniel, L.D.D., 628 MessageLabs, 632, 738 Magneto-optical WORM, 653 McDermott, J., 432 Message-oriented middleware (MOM), Mail application programming McGraw-Hill, 806 9, 43 interface, 441 McHugh, J., 417 Message passing, 87, 88, 90 Mail bombing, 480 MCI videophones, 29 Message passing interface, 47 Mail scams, 385 McLaren v. Microsoft Corporation Message Passing Interface Chameleon Mailing lists (e-mail), 734 (1999), 708 (MPICH), 84 INDEX 1083

Message Passing Interface (MPI), 80, Middleware, 9–10, 15, 33–44, 127, 148 security and privacy issues, 81, 87–88, 91 abstractions in programming, 35. 36 923–925 Message server, 8 application programming semantic web technologies, 922 Message transfer part, 236 interfaces, 43 Mobile devices, 918 Message types (msg), 288 architecture and services, 33–34 Mobile entertainment, 915 Messaging application programming authentication and, 41–42 Mobile learning (M-learning), 962, 970 interface (MAPI), 734 authorization and directories, 42–43 Mobile phone units, 770 Metacomputing Directory Service, 68 component-based, 10–11 Mobile site, 677 Metadata, 148, 827, 970 concepts, 35 Mobile technology, tourism and, 952 digital libraries and, 815–816 core and industry-specifi c solutions, Model identifi cation, 333 types of, 816 34–35 Modeling tools, 320 Metadata middleware, 147 as infrastructure, 33, 35–40 Models, 545, 550 Meta learning, 411 message-oriented middleware, 9, Model-View-Controller design MetaMachine, 160 38–40 pattern, 27 Metaschedulers, 74 procedural middleware, 9–10 Modular arithmetic, 511, 513 Metcalfe, Robert, 29, 99, 770 processes, 35–40 Modular exponentiation, 511–512 Metcalfe’s law, 770 service-oriented, 40 M-of-n codes, 275 Metro Ethernet, 322 services, 40–43 Mojo Nation, 118 Metropolitan area network. See MAN transaction middleware, 9 Molecular communication, 1034–1052. (metropolitan area network) Middleware framework, 1017–1018 See also Biological systems bandwidth MIFARE smart card, 256 active transport, 1046–1048 MFORTH, 1000 Migration, 824, 827 addressing mechanism, 1049 Mice, 327 Milgram, Stanley, 386 applications, 1035 Microelectromechanical system Milgram experiment, 386 asynchronous communication, (MEMS), 1022, 1027–1028, 1032 MIL-HDBK (Military Handbook for 1050–1051 Microfi lm, 823 Reliability Prediction of Electronic characteristics of, 1037–1038 Micromechanics, 1027 Equipment), 666 communication interface, 1049 Micromodule, 266 Miller, B.P., 413 encoding, 1036 Micropayment, 887 Miller, George, 591 engineering of, 1042–1048 Microprocessor cards, 252 Miller, Jim, 886 engineering cells using biological Microsoft. See also Microsoft Windows MilliCent, 884–885 materials, 1042–1043 Component Object Model (COM), 10 Mills, Elinor, 388 network creation techniques, Message Queue (MSMQ), 9 Minimum-weight spanning trees, 286 1049–1050 Messaging Application Programming Minitel, 844 network engineering, 1048–1051 Interface (MAPI), 8 MIRADOR, 415 overview, 1035–1037 MSNBC, 935 mIRC, 891 passive transport, 1043–1044 .NET, 10, 66 Mirrored collections, 824 propagation, 1036 NetMeeting, 756 Mirrored site, 678 receiving/decoding, 1037 .NET Framework, 35 Mirroring, 645–646, 679–680, 687 sending, 1036 Passport, 574, 880 Misra, J., 292, 295 Molecular motor, 1039, 1052 security account manager, 584 Mission-critical activities, 673, 687 MONDEX, 885 server message block protocol, 202 Mission-critical data, backup of, 639 Money laundering, 479 Simple SAN Program, 195 Missouri Historical Newspapers Monitoring & Discovery System, 60 storage area networks and, 200 Collection, The, 808 Monolithic millimeter-wave integrated viruses and Microsoft Offi ce Misuse detection, 404, 409–413 circuits, 1024 documents, 474 abstraction-based, 411 Montgomery, M., 260–261 Volume Shadow Copy Service, 647 automatic attack signatures, 411–413 Moore, A.P., 431 on Web services, 10–11 automatic signature generation/ Moore, M., 833–834 Microsoft Outlook, viruses and, 441 intrusion prevention, 412–413 Moore’s Law, 106, 584, 593, 954 Microsoft Transaction Server (MTS), 10 colored petri automata, 410–411 Morse, P., 430 Microsoft Windows, 85, 86, 89 rule-based languages, 409–410 Mosaic, 843 access control in, 525–527 state-transition analysis toolkit, 410 MOTD (message of the day), 890, access token, 526 Mitnick, Kevin, 384, 386, 387, 396, 589 892, 896 evaluation of ACLs, 526 Mixed fragments, 301 Motes, 981 impersonation and restricted Mobile agents, 241–242, 249 Motion compensation, 762, 765 tokens, 527 Mobile agent technology, 241 Motion vector, 762 inheritance, 527 Mobile carriers, payment system by, 879 Mouftah, H., 133 password cracker, 395 Mobile-code, 427 Mount, I., 862 password issues, 586, 590–591 Mobile commerce, 915–925 MPI (message passing interface), SAM, 586 application protocols, 921 80, 91 security descriptor, 525 applications, 915–917 MPICH, 87 for Smart Cards, 260 architectural components, 922–923 MPI Forum, 87 SYSKEY, 594 business models in, 917–918 Msg, 288, 291 systems privileges, 526–527 classes of, 915–16 MSNBC, 934, 935–936 Microstructure fi bers, 1024 defi ned, 915 M-TCP (migratory TCP), 283 Microsystem technology, 1027 enabling technologies, 918–922 MUD (and MUDding), 787 Microwave tags, 980 location technologies, 921 MUD Object-Oriented (MOO), 911 Middle-tier functionality, 6 revenues, 915 Mudslides, 620 1084 INDEX

Mule recruitment, 479 engineering of, using chemical NetMeeting, 769 Multi-Application BasicCard, 260 reactions, 1043 NetOp Desktop Firewall, 726 Multi-application smart cards, 259–260 logic functions, 1045 Netperf, 350 Multicast, 141–143, 206, 759–760 Nanoscale communication NetScript, 998, 999–1000 Multicasting, 134 devices, 1029 Netsourcing, 742, 749, 753 Multicast one-to-many streaming, Nanotechnology, 1022–1032 Netsplit, 891, 896 179–182 carbon nanotubes, 1026–1027 NetVideo, 756 Multicast routing, 1017 dendrimers, 1029 Network, 15 Multichannel e-commerce, 852 erbium-doped fi ber amplifi er, 1029 modeling tools, 319 Multicore Networks-on-Chip, 104–105 Mach-Zehnder modulators, 1030 monitoring tools, 317 Multidatabase systems, 299, MEMS and NEMS, 1027–1028 upgrades, 316 300–301, 309 nanoantennas, 1028–1029 Network access sharing, 184–185 Multifactor authentication, 572, 799 nano transisters, 1029–1030 Network address translation, 155, 166, Multilayered DMZ, 565, 569 photonic crystals, 1023–1024 492, 503, 556, 569, 756 Multi-Level Defense against Social quantum computing, 1024–1025 Network application programming Engineering (Gragg), 396, 397 quantum dots, 1022, 1025–1026, 1032 interface, 991 Multilevel marketing, 479 silicon photonics, 1030–1031 Network-assisted GPS, 921 Multimedia digital library, 828 single-photon devices, 1025 Network attached storage (NAS), 217, Multiobjective portfolio selection, terahertz lasers, 1031–1032 218, 230, 644, 647, 680 657–658 vertical-cavity surface-emitting laser, Network attacks, 421–438 Multipartite viruses, 452, 470 1022–1023 access attack, 459 Multipathing, 191 Nanotubes, 1022, 1026–1027, alert, 422 Multi-Person Prisoner’s Dilemma, 174 1028, 1029, 1032 analyzing attack objectives, 424–428 Multiple description code, 180 Nanowires (quantum wires), 1027 attack information, 423–424 Multiple fabric confi guration, 195 Napster, 131, 147, 152, 157–158 attack/service relationship, 424–425 Multiple-stage interconnection network Narada, 143 basic features of, 422–423 (MIN), 101 Nardi, B.A., 773 buffer-overfl ow, 429 Multiple user dimension (dungeon/ Nash equilibrium, 170, 174, 186 correlating attack complexity/ dialogue), 787 National Archives and Records severity, 425 Multipoint control unit, 758, 765 Administration (NARA), 784 countermeasure-selection guidelines, Multipolar malware, 471 National Automated Clearing House 435–437 Multiprotocol label switching, 501 Association (NACHA), 792 fl ooding, 428–429 Multipurpose Internet mail extensions National Digital Information incident response, 434–435 (MIME), 559, 734, 863 Infrastructure and Preservation intrusion, 422 Multiresolution time scale, 331 Program, 824 major challenges, 437 Multitechnique strategic methods, National Industrial Security Program monitoring, 433–434 364–365 Operating Manual, 392 need for models of, 430–431 Multitiered DMZ architecture, 566–567 National Information Standards of preventive models, 431–432 Multi-User Dungeon/Domain/ Organization, 826 reactive models, 432 Dimension (MUD), 911 National Institute of Standards and routing, 429–430 Multi-view systems, 26–27 Technology, 656, 1025 scanning, 429 MULTOS operating system, 260 National Labor Relations Act, 707, 708 security policy, 432–433 Mungi, 118 National Labor Relations Board, 707 sniffi ng, 429 Municipal utilities, 602 National Library of Australia, 825 spoofi ng, 429 Murninghan, J.K., 779 National Library of Medicine, 810 strategy for attack response, 432–435 Murphy, E., 836–837 National Physical Lab tests, 546 structural models, 431–432 MUSCLE (Movement for the Uses National Science Foundation Digital taxonomies of, 430 of Smart Card in a Linux Libraries Initiative, 802 threat, 421–422 Environment), 257 National Security Agency (NSA), 591 trends in, 425–428 MuSigs, 411 National security concerns, 700, 704 Network based fi rewall services, Mutation, 1008, 1017, 1020 National Storage Industry 560–561 Mutka, M.W., 184 Consortium, 200 Network confi guration, 716 Mutual authentication, 571 National Vulnerability Database, 424 Network data management MyDoom virus, 457 National Yiddish Book Center, 806 protocol, 647 MyProxy, 70 Natural threat sources, 356 Networked Digital Library of Theses Myrinet, 84, 94 Naylor, W.E., 760 and Dissertations, 808 MySpace.com, 389, 900 NBC News, 935 Network externalities, 845 NCE (nonresponsive commercial Network fi le system (NFS), 217, Name server, 215 e-mail), 476 233, 647 Namespace mechanism, 64 Needham, Roger, 584 Network games, 17 Nanoantennas, 1028–1029 Negative authorizations, 523 Networking, 11–13. See also Active Nanocrystal fi eld-effect light-emitting Negative claim of identity, 540, networking device, 1031 544, 550 Internet protocol stack, 12–13 Nanoelectromechanical systems Negative fi lters, 554 network access, 11 (NEMS), 1027–1028 Nelson, M., 816 network core, 11–12 Nano-electro-optical-mechanical Nest, 1016 network edge, 12 systems (NEOMS), 1028 NetIQ softward agents, 350 Networking layer attacks/ Nanomachines, 1042, 1043 NetLibrary, 805 defenses, 465 INDEX 1085

Networking paradigms, biological strategic risk models, 362–363 Nokia, 978 inspiration for. See Biologically unsuitable sweet spots, 368–369 Nonbanks, 798 inspired networking usability risk, 367–368 Nonbinary encoding, 1038 Networking sites, 389 Networks-on-Chip, 104–105 Nonce, 585, 593 Network interface controller (NIC), 91 Network-to-network signaling Noncompetition agreements, 701, 710 Network-layer performance protocols, 237 Nondigital storage media, 599 monitoring, 350 Network topologies, 320–321, 380–381 Nondisclosure agreement (NDA), 629, Network-layer VPNs, 496 Network traffi c, broadcast vs. 701, 710 Network management, 714–729 unicast, 318 Non-IP VPNs, 496 ISO functions, 716–717 Network voice protocols (NVPs), 768 Nonrepudiation, 739 layers, 715–716, 727 Neubauer, T., 658 Nonresponsive commercial e-mail mobility management in wireless Neumann, P., 430 (NCE), 476 networks, 725 Neumann and Parker’s method, 430 Nordahl-Hagen, Petter, 587 network monitors, 725–726 Neural network, 406 Nordea Bank, 796 network scanners, 726 Neuron, 1039, 1052 North American Digital Hierarchy, 322 OSI model, 714–715 Newbie, 896 Notational money, 871–872 policy-based, 726–728 New-generation networking, 248 N_Port, 207, 220, 233 protocols, 717–725 NEWPRED, 763 n-tier system, 7, 15 RMON, 724–725 Newsgroups, 16, 388 Nukes, 896 SNMP, 717–724 security and, 624 Numbered Field Sieve, 46 systems, 726 Newsome, J., 412 N-version programming, 277 tools and systems, 725–726 NewspaperArchive, 808 typical architecture, 715 Newspapers, digital collections of, 808. OAIster, 816 Network Management System (NMS), See also Online news Oanh Ha, 773 714, 728 New York Times, 932, 934, 936 OASIS, 60, 72, 865 Network monitoring, 728 New Zealand Digital Library, 819, 820 Object, 44, 403, 995 Network monitors, 726 Next-generation cluster networks, Objectifi cation, 780, 781 Network news transfer protocol, 153 93–107 Object linking and embedding (OLE), Network Node Manager (NNM), 726 case study 1: 100-Gigabit Ethernet, 10 Network outage, 687 99–100 Object management architecture Network performance, verifying under case study 2: Optical Shuffl eNet, 100 (OMA), 38 specifi c traffi c controls, 329 case study 3: Data Vortex, 100–102 Object Management Group (OMG), 10, Network performance metrics, 340 case study 4: OSMOSIS, 102 58 Network processor (NP), 1002 case study 5: OPSNET, 103 CORBA standard, 37–38 Network reliability and fault tolerance, case study 6: Chip-to-Chip SPINet, Object naming service, 978 372–382 103–104 Object orientation, 239 design considerations, 380 case study 7: Multicore Networks-on- Object replication, 679 fundamental principles, 372–373 Chip, 104–105 Object request broker (ORB), 37, 44, network architecture, 380–381 comparison of approaches, 105–106 239 network failure, 374–375 interconnection networks, 94–95 Object syntax, 719 network protection, 373–374 optical interconnection networks, Obsolescence, 664 network protocols, 381–382 95–99 OCC, 798 network recovery, 376–377 realization prospects, 106 Occam’s razor, 994 network tolerance, 373 trends, 106–107 OceanStore, 118–119, 164 redundancy, 374 Ngan, T.W.J., 179 OCLC, 811 reliability and availability, 377–382 Nicholls, C., 837, 839 O’Connor v. Ortega (1987), 708 Network Reliability and Interoperability Nicholson, D., 802 OCTAVE (Operationally Critical Council, 641 Nick, J.M., 66 Threat, Asset, and Vulnerability Network resources, appropriate Nickname, 890, 896 Evaluation), 358, 359–360, 423 use of, 624 NIC (network interface controller), 91 Octopus card, 256 Network routing, 1016–1017 NIDES/STAT, 404 Oechslin, Philippe, 586, 594 Network scanners, 728 Nigerian scam, 385, 479, 483 Offl ine digital coins, 883 Network security, 354–370, 399. See also Niksun, 739 Offsite storage facility, 682, 687 Physical security; Security; Social Nimda, 449 O’Grady v. Superior Court (2006), 699 engineering Nimrod, 74 OGSA-DAI, 74, 308 practical risk exposure estimation, Nimrod-G resource broker, 119 OGSA-DQP, 308 369–370 Ning, P., 411 Oikarinen, Jarkko, 889 practical strategic risk models, 364 Nippon Telegraph and Telephone, 756 Olive ActivePaper, 815 risk assessment, 355–356, 358–359 Nishan Systems Corporation, 198 OMII_2, 57 risk control, 356–357 N+K redundancy, 374 OMII_2 server stack, 56–57 risk management in practice, 357–358 NL_Port, 207 Omission failure, 269 risk models, 361–369 N-modular redundancy, 273 On demand computing, 127 strategic decision making and Node architecture, 991 One-copy protocol, 87 competing risks, 365–367 Node operating system, 991, 992–993, 1G, 918 strategic network security 997–1000, 1000–1003 1000-Mbps Ethernet, 321 planning, 368 Nodes, 207 One-time pad, 507, 508 strategic risk management methods, Node-to-node tunneling, 493 One-time passwords, 576–577, 585, 593 363–364 No Electronic Theft Act of 1997, 703 One-to-one verifi cation system, 544 1086 INDEX

One-way hash, 593 Open Grid Services Infrastructure, OSHA, 783 Online backup, 653 49, 66 OSI model, 15 Online banking, 791–799, 875 Open Group, 9–10 and Internet protocol stack costs of, 793 Open Library Project, 807 compared, 12 defi ned, 791–793 Open-loop systems, 873 OSMOSIS, 102 fi nancial institution regulation, Open Middleware Infrastructure OTD (organization and technology 797–798 Institute (OMII), 56–57 development), 22 future of, 798 Open Mobile Alliance, 922 Ottem, E., 193 risk and security issues, 794–798 Open Network Computing Remote Outlook for Microsoft Exchange, 734 users of, 793–794, 795 Procedure Call (ONCRPC), 9 Out-of-profi le packets, 346 Online Books Page, 805 Open Platform initiative, 261 Outsider studies, 910 Online communities, 898–911 Open-set test, 545 Outsourcer, 633, 637 aggregation mechanisms/ Open shortest path fi rst (OSPF), Outsourcing, of backup/recovery management processes, 901–902 198, 213 systems, 646–647, 676 alternate names for, 899 OpenSig community, 987 Overlay network, 148–149, 466 attributes and processes, 901–903 Open standards, 769, 775 defenses using, 464 benefi ts to members, 908–909 Open system interconnection (OSI) Overloading, 385 benefi ts to societies, 909 model, 554 Overnet, 161 benefi ts to third parties, 908–909 Open system interconnection (OSI) Owens, C., 686 characterizing attributes, 899 model for mobile Internet, 922 Oyster card, 256 defi ned, 898–900 Open system interconnection (OSI) Oyster Optics, 625 examples of, 905–906 network management model, Ozier, W., 423 history of, 903–905 714–716 Özsu, T., 302 microcontributions and, 901 layers and functions, 716 Ozzie, Ray, 156, 157 negative effects of, 909–910 Open systems interconnection, 381 norms and motivations of, 902–903 Open 2-Gb fi bre channel, 193 PAC architectural model, 24 peer review of content, 903 Open Video Project, 809 Package, 938 research methods/issues, 910–911 Operating systems, 85 Packet, 44, 327 social psychology of, 901 access control and, 523–527 Packet authentication, 499–500 supporting technologies, 900–901 Operational recovery, 376 Packet capturing, 726 timeline, 904 Operational safeguards, 357 Packet classifi cation, 345–346 types by member interest, 905–907 Operational test, 515–516 Packet-fi ltering fi rewalls, 558, 564 types by sponsor interest, 907–908 Operational transformations, 22 Packet-fi ltering gateway, 569 Online customer support, 951–952 Opportunities, lost (in downtime), 675 Packet fi lters, 726, 728 Online cybercrime, 894–896 OPSNET, 103 Packet networks, 326 Online destination management Optical antenna, 1028 Packet scheduling, 342, 346–348 systems, 949 Optical burst switching, 95 deadline scheduling, 347–348 Online fraud, 856 Optical character recognition, 812 fair queueing, 347 Online journalism, 927, 938. See also Optical disks, 665–666 priorities, 347 Online news Optical fi bers, 1024 round robin, 347 Online mapping technology, 954 Optical interconnection networks, 94 Packets-per-second (PPS), 323, 324, 325 Online news, 927–939 Optical networks, 1027–1028 Packet switching, 44 competitive dimension of, 933–934 Optical packet switching, 95, 96 Packet-switching technology, 900, 918 convergence of mass media, 928–930 Optical Shuffl eNet, 100 PAD architecture, 15 defi ned, 938 Optical signal encoding, 106 Padding, 514 economic model, 932–933 Optical signal transmission, 94 Pande, Vijay, 164 leading sites, 934–937 Optical storage media, 598–599 Pandelios, G.P., 354 markets and service models, 937–938 Optical time-domain refl ectometry, 625 PANDORA, 825 origins of, 927–928 Optical waveguides, 1023 Papadimitriou, C., 173 Web logs and wikis, 930–931 Oracle, 813 Parallel iterative matching (PIM), 323 writing and content, 931–932 Oracle On Demand, 125 Parallel processing, 79, 654 Online retail. See Electronic commerce Orange Book, 593 Parallel programming support, 87–88 Online vs. offl ine backup, 642, Ordered set, 211, 222 Parallel strategy, 381 646–647 Oregon Software Development Process Parallel system, 271 On/off model, 337 (OSDP), 22–23 Parallel testing, 683 On-site shopping, mobile, 916 Organizational culture, 772 Parallel Tools Consortium, 88 Ontology, 306 Organization and technology Parallel virtual machine (PVM), 80, Onuf v. Nikon (2001), 705 development (OTD), 22 87, 91 Open, 44 Organization for the Advancement of Parameterized synchronizer, 294 Open architecture, 194 Structured Information Standards. Parameter-sweep applications, 74 Open Archives Initiative, 816 See OASIS Parameter sweeps, 58 openBC, 389 Organization model, 714 PARASCAN, 445 OpenCard Framework, 258 OR nodes, 656 Parashar, M., 1013, 1014 Open Content Alliance, 806–807, 811 Orphan books, 810 Parasitic viruses, 470 Open Grid Forum (OGF), 48, 60 OSA/Parlay, 245 PARC, 921 Open grid services architecture, 48, 60, OSCAR, 80 Pareto-optimal, 658 66, 76, 120 OSDP (Oregon Software Development Pareto probability distribution, 334 data access and integration, 60 Process), 22–23 Parity, 646, 648 INDEX 1087

Parker, D., 430 Peace virus, 451 Periodic approach, to backup, 641 Parkinson, C. Northcote, 324 Pedophiles, 895 Peripheral component interconnect Parkinson’s law, 324 Peer, 131, 149, 166 (PCI), 82–83, 91 Parlay, 249 Peer discovery, 149 Peripheral nervous system, 1013, 1020 Parlay Group, 244–245 Peer-to-peer-based architectures, Permanent failure, 269 Parlay/SPIRITS, 247 137–148, 299, 300, 309 Permanent protection, 450 Parlay-X, 248 application layer, 148 Permutation scanning, 458 Partially self-checking circuit, 278 application-level multicast, 141–143 Perret-Clairmont, A., 834 Partition, 669 base overlay layer, 137–143 Perseus Digital Library, 820 Partitioning source data, 654 middleware layer, 143–148 Personal area networks (PANs), 920 Pask, G., 835 overlay network construction, Personal computer (coinage of Paskin, Norman, 826 138–141 term), 769 PassFaces, 592 peer discovery, 137–138 Personal computer banking, 875 Passive (static) schemes, 273 publish and subscribe, 144–146 Personal computer smart card Passive tag, 920, 977, 978, 984 security middleware, 146–147 specifi cation, 256–258 Passive transport, 1043–1044 Peer-to-peer computing, 3 Personal data protection, 692 using free diffusion, 1044 Peer-to-peer groupware, 18–19, 26, 30 children, 702–703 using impulse-based communication, Peer-to-peer (P2P) incentive issues, customer, 702 1044–1046 168–186 Personal digital assistants (PDAs), 918 Passlogix, 592 classes of techniques, 168–169 Personal identifi cation number (PIN), Password(s), 393–399, 570, fi le-sharing systems, 170–178 251, 266, 874, 887 581–594, 796 media-streaming systems, 178–182 Personal trusted device, 916 aging and reuse, 588–589 network access sharing, 184–185 Personal Web sites, 771 bypassing security of, 587 wireless information sharing systems, Personnel, as threats, 622–624. See also common password categories, 394 183–184 Personnel, physical security for cryptographic password wireless P2P systems and, 182–185 Personnel, physical security for, protection, 584 Peer-to-peer (P2P) network, 756, 758, 621–624, 627–628 guessing and dictionary attacks, 759, 765. See also Peer-to-peer (P2P) environmental hazards, 621–622 570–571 network applications; Peer-to-peer ergonomics, 622 hashing, 584–585 (P2P) network architecture personnel as resources, 621–622 length, 591–592 application development framework Persons with disabilities, 774, 775 one-time passwords, 576–577 for, 1016 Pervasive computing, 970 password-cracking tools, cheating/selfi sh behaviors on, Peterson, A. Padgett, 447 585–587, 587 136–137 P-frame, 762, 765 password history, 582–583 defi ned, 132, 149, 152–153 In re Pharmatrak, Inc. Privacy password-retrieving approaches, 586 maintenance of, 135–136 Litigation, 695 personnel security, 623 service guarantee, 136 Pharming attacks, 735, 795–796 security, 478, 583–591 standards, 136 Philips Semiconductor, 976, 979 selection guidelines, 588 Peer-to-peer (P2P) network applications, Phishing, 392–393, 400, 478–479, 589, shadow password fi le, 571 152–166 593, 701, 735, 795 sniffi ng, 576, 586–587 for communication and collaboration, Phone-to-computer calls, 20 synchronization, 589–590, 593 154–157 Phone service security, 603 “Ten Commandments” of, 583 for distributed storage, 162–164 Photonic crystal, 1032 types of, 581–582 for fi le sharing, 157–162 Photonic crystal fi ber, 1024 Password authentication protocol, historical roots of, 153–154 Photonic crystals, 1022, 1023–1024 500, 503 for massively parallel computing, Photonic integrated circuit, 103 Password-based Web access, 573 164–165 Photonic integration, 103 Password-generating tokens, 796–797 Peer-to-peer (P2P) network architecture, Physical asset identifi cation, 626 Pastry, 140–141, 142, 179 131–149 Physical fi le name, 73 “Patch” fi les, 902 application layer, 148 Physical security, 596–629 Patch management, 739 base overlay layer, 137–143 disaster recovery planning, 628 Paterson, M.S., 294 benefi ts of P2P networks, 132–135 for facilities, 609–621 PATRIOT ACT 2001, 704–705 defi nitions, 131–132 information-processing equipment, Pattern recognition, 541 limitations of P2P networks, 135–137 601–609 Pattern type, 410 middleware layer, 143–148 measure identifi cation, 627 Pay-by-phone systems, 875 Peer-to-peer traffi c, 335 passwords, 623 Payload, 452 Pei, D., 283 for personnel, 621–624 Payment, 887 Peleg, D., 286 personnel as threats, 622–624 Payment-based systems, 170–171 Peltier, T.R., 423 physical threat assessment, 626 Pay-per-click, 933 Pena-Shaff, J., 837, 839 planning, 626–628 PayPal, 791, 798, 882–883 Pen drive, 667 practice, 626–628 P-BEST, 409, 410 Penetration matrix, 430 social engineering, 623 PBX hacking, 603 Penetration testing, 627 for storage media, 597–601 PCI-bus, 83 Penny stocks, 479 for transmission media, 624–626 PCI (peripheral component Pepper, Tom, 159 “Physiology of the Grid, The: Open Grid interconnect), 91 Performance analysis tools, 88–89 Services Architecture . . .” (Foster PC (personal computer), 91 Performance management, 717, 728 et al.), 66 PDAs (personal digital assistants), 918 Performance profi ling tools, 87 Piaget, J., 833, 834 1088 INDEX

PictureAustralia, 818 Preconsumption, 950–952 Productivity, loss of PictureTel system, 756 Predators, 909 (downtime and), 674 Piggybacking, 490 Predictive congestion avoidance, 350 Profi les, 403 PIN, 887 PREDICT project, 415 Programming abstractions, 35 Ping echo and echo response Preimage resistance, 509 Programming tools, 81 messages, 350 Prelinger Archives, 809 Progression failure, 432 PKINIT, 72 Prepaid card, 876, 887 Project Gutenberg, 803, 810, 812, 820, Place-based online communities, Prerequisite, 416 827, 828 906–907 Prescription drug industry, 976 Project Muse, 808 Plaintext, 44, 506, 516, 593 Presence awareness information, Project risk management, 651 “Plain view” doctrine, 784 16, 20 Promiscuous mode, 593–594 PLAN, 1000, 1001 Presence Platform, 738 Propagation, 1036 Planar antennas, 1024 Presentation-application-data (PAD) Proprietary architecture, 194 Platform, 44 architecture, 4 Proprietary information, protecting, PLATO, 769 Presentation services, 4 700–701 Platters, 666 Presuhn, R., 724 Proprietary radio-frequency technology Playout delay, 760, 765 Pretty good privacy, 574, 577–578 systems, 879 Plenoptic function, 764, 765 PrettyPark worm, 473 Prosecution, 636, 637 PLOGI (port log-in) procedure, 215 Price-discrimination approach, 855 Protection technology, 634 Pluggable authentication module Pricing algorithms, 116 Protein, 1039, 1052 (PAM), 590 Pricing-risk factors, 114 Protocol, 44, 381–38 Pocket drive, 667 Primary avionics software set Protocol analyzers, 319, 320, 390, 726 Podcasting, 933 (PASS), 281 Protocol data units (PDUs), 718, training and, 964, 969 Primary horizontal fragmentation, 301 720, 721 Poe, Edgar Allan, 506 Primitive sequences, 211 Provider, 887 Points in call (PICs), 236 Primitive signals, 211 Prox cards, 975 Point-in-time recovery, 601 Principal, 44, 994, 996, 1010 Proximity cards, 255–256 Point-to-point protocol, 503 Printed circuits, 983 Proxy certifi cates (“proxies”), 70, 76 Point-to-point topology, 208, 209, Prisoner’s dilemma, 29, 174 Proxy objects, 25 213, 220 Privacy, 134–135 Proxy server, 8, 569, 739 Point-to-point tunneling protocol, biometrics and, 548–549 pseudo-Bayes estimator, 407 497–498, 503 biometrics and computer network Ptolemy, 76 Poisson arrival process, 331–332, 345 security, 546 Public arbitrated loop, 209–10 Poisson process, 337 computer conferencing and, 774 Public domain, 810 Policy-based network management digital library users and, 823 Public key, 44, 68, 511, 516, 574 (PBNM), 726–728, 728 e-commerce and, 856 Public key certifi cates, 574 architecture of, 727–728 electronic payment systems and, 871 Public key cryptography, 68, benefi ts, 727 employee expectation of, 784 511–514, 576 Policy communication protocols, 728 groupware and, 29 Diffi e-Hellman key exchange, Policy decision point, 728 informational, biometrics and, 549 511–512 Policy enforcement point, 728 location privacy, 924 RSA cryptosystem, 512–514 Policy management, 727 mobile commerce and, 923–925 use of, explained, 514 Policy management console, 727 RFID and, 982 Public-key encryption/ Policy repository, 727 Privacy module, 723 cryptography, 511 Pollution, 621 Privacy rights (employee) Public key infrastructure (PKI), 68, 71, Polygraph, 412 balancing business needs with, 76, 437, 514, 574, 796 Polymorphic viruses, 446, 452 692–696 e-commerce and, 849 Polyzos, G.C., 184 EU model of, 693–694 mass mailer/spam control and, 474 Ponzi schemes, 483 U.S. perspective on, 694–696 Public Library of Science, 807 POP (Post Offi ce Protocol), 8, 483 Private arbitrated loop, 209 Public loop, 216 Pornography, workplace access to, 703 Private industrial networks, 852–853 Public relations, 633, 637 Porras, P.A., 410, 415 Private key, 44, 68, 511, 516, 574 Public server security, 436 Portability, 44, 216 Private loop, 216 Public switched telephone network Portable Batch System, 73–74 Private server security, 436 (PSTN), 235, 488 Portals, 74, 76, 929, 938 Probability, 422 Publish and subscribe, 144–146, 149 Port elements, 65 Probability distributions, 326 PubMed, 810, 827 Port fi ltering, 556, 569 Procedural middleware, 9–10 PubScience, 826 Portlets, 74 Process, 15 Pulse code modulation (PCM) Port log-in procedure, 215 Process errors, 372 scheme, 763 Positive claim of identity, 540, 544, 550 Processing engine, 1002 Pump and dump fraud, 479 Positive fi lters, 554 Processing functionality, 7 Punishment, 637 Postel, Gert, 395–396 Processors, 82 Punitive damages, 636 Postmortem analysis, 637 Procom Technology Corporation, 199 Purchase card, 873 Post offi ce protocol (POP), 483, 734 Prodigy, 935 Purdue Employees Federal Credit Power conditioning, 603 Producer, 938 Union, 548 Power spectral density function, 329 Production-based expert system tool set Pure-play ASP, 753 PPay, 171 (P-BEST), 409, 410 Purpura, P., 625 Pranks, 445 Productivity, loss of, 772 Pushback, 462 INDEX 1089

Push-out schemes, 348 RAID. See Redundant array of Registered state-change notifi cations Puzzles, defenses against DDoS, inexpensive disks (RAID) (RSCNs), 216 461–462 RainbowCrack, 395, 586 Regression testing, 324 PVM (parallel virtual machine), 80, Rainbow table, 586, 594 Regulatory environment, for virtual 87, 91 Raman amplifi er, 96 workplaces, 783–785 PWDUMP2, 586 Raman effect, 1031 Reinstallation, 636 PyGridWare, 57 Rambus DRAM, 82 Relational databases, 58 Pyramid schemes, 479, 483 Ramen worm, 449 Relative entropy, 408 Random access memory (RAM), Reliability, 134, 270, 284, 377–378, 382 Qcheck (NetIQ), 350–351 91, 266 Reliability block diagrams, 377 Qiu, Y., 183 Random early detection (RED), 336, Reliability models, 271, 272 QSNet II, 84 348–349, 351 Reliable fi le transfer service, 68, Quadrics, 84 Random House, 805, 806 72, 308 Qualitative coverage, 270 Random scanning, 458 Remote-access bandwidth, 323 Qualitative risk analysis, 656 Ranganathan, K., 174 Remote-access trojans, 445 Quality metrics, 757 Rational rose (RR), 245 Remote-access VPNs, 492, 503 Quality of service (QoS), 326, 329, 337, Raynal, M., 295 Remote authentication dial-in user 340–341, 351 RCANE, 1001 service (RADIUS), 500, 503 dimensions of, 121 RC4, 508, 516 Remote backup, 653 “hard” and “soft,” 341 Reactive congestion control, 349–350 Remote disk mirroring, 679 metrics, 340 Reactive models, 432 Remote log-in, 575–576 metrics for IP networks, 341 Reader, 977–978, 984 Remote Method Invocation (RMI), 10, monitoring, 350–351 Read-only EPC, 981 239, 266 parameters, 341 Realtime blackhole list (RBL), 483 object request broker and, 37 virtual private networks and, 494 Real-time control protocol, 756, Remote mirroring, 679–680 Quantitative coverage, 270 761, 765 Remote network monitoring (RMON), Quantitative risk analysis, 656–657 Real-time protocol, 756, 761, 765 724–725, 728 Quantum bits (qubits), 1024 header fi elds, 761 Remote operations service element Quantum cryptography, 1025 Real-time scanning, 450 (ROSE) protocol, 236 Quantum-dot laser, 1025 Real-time traffi c, 340 Remote procedure call (RPC), 9–10, 35, Quantum dots, 1022, 1025–1026, 1032 Real-time transport protocols 36, 43, 63, 266 Quantum entanglement, 1024–1025 (RTPs), 768 asynchronous, 39 Quantum interference effect transistors, Receiving, 1037 transactional, 36–37 1029–1030 Receptors, 1040, 1052 Remote shopping, mobile, 916 Quantum wires, 1027 Reciprocation, 385–386, 400 Removable disks, 667 Query decomposition, 302–303 Reciprocity, principle of, 29, Removable media, handling, 668–669 Query optimization, 303–304 172–173, 186 Removable media capacity, 663 Questia, 805 Reciprocity-based mechanisms, 169 Rendezvous point, 149 Queuing theory, 326 Recombination, 1008 Repair, 373, 382, 637 Reconfi gurable antennas, 1028 Repair rate, 270 RADAR, 974 Reconfi guration, 270 Replay, 572 Radio-frequency identifi cation (RFID), Recording Industry of America Replay attack, 594 251, 256, 266, 974–983 (RIAA), 158 Replica location index nodes, 73 applications of, 975–977 Recovery, 382 Replica location service, 73, 308 auto-identifi cation and, 975 Recovery access objective, 376, 382 Replicate signal, 1019 e-commerce and, 848 Recovery block, 276–277 Replication, 24, 166, 308 economic challenges, 982 Recovery point, 276 Repository component, 27 functionality, 980–981 Recovery point objectives, 376–377, 382, Reprisal attack, 636–637, 637 future technologies, 983 642, 648, 658–659, 660, 673 Reputation, 856 microwave tags, 980 Recovery product requirements, Reputation-based mechanisms, 169 mobile commerce and, 915, 918, 643–644 Reputation-based systems, 172–173 920–921 Recovery protocol, 305 Reputation information, 29 operating frequencies, 978–980 Recovery (repair), 635 Request/response model, 38 origins, 974–975 Recovery team alert list Research, online, 910–911 physical access control for storage (calling tree), 682 Resilience. See Business resilience media, 599 Recovery time objectives, 376, 382, 642, Resilient packet ring architectures, 381 power sources, 978 648, 650, 658–659, 660, 672, 673 Resonators, 1028 principles, 977–981 Redundancy, 269, 273–276, 374 Resource Directory Description security and privacy, 974, 982–983 electronic payments and, 870 Language, 64 shortcomings, 975–976 hardware redundancy, 273–274 Resource management standards, 981 information redundancy, 274–275 data management, 72–73 system essentials, 977–978 software redundancy, 275–278 job schedulers and resource tags, 977 time redundancy, 275 managers, 73–74 technical challenges, 981–982 Redundant array of inexpensive disks metaschedulers, 74 ultrawide band, 980 (RAID), 200, 202, 218, 233, 279, tools, 81 Radio-frequency interference (RFI), 282–283, 645, 648, 679, 824 Resource managers, 73–74 606, 629 Reed Elsevier, 807 Resource reservation protocol (RSVP), Radio-frequency MEMS, 1028 Regional disaster, 672 344, 351 1090 INDEX

Resource sharing, distributed Router plugins, 1001 SCard Application Programming computations for, 291 Routers, 194 Interface, 257 Resource-sharing computations, 295 as attack platforms, 428 SC connector, 202 Response failure, 269 virtual private networks SCCP inter-ORB protocol (SIOP), 241 Response time and, 497 Scenario test, 545 measuring, 318 Routing, 182–183 Scheduling middleware, 147 recovery procedures and, 870 attacks and defenses, 465 Schema integration, 305–306, 309 Resumption, 373, 382 fi bre-channel fabric routing, 213 Schemas, 65 Retinal identifi cation, 541 Routing table updates, 318 structural confl icts between, 306–307 Return_code, 410 RSA, 516 types of possible relationships Reusable learning objects, 970 RSA algorithm, 466 between, 307 REV drives, 667 RSA Factoring Challenge, 46 Schema translation, 305–306, 309 Revenge spamming, 477 RTS (ready-to-send), 466 Schmalensee, R., 791 Revenue, lost (downtime and), 674 Rubin, S., 413 Schmidt, Eric, 388 Revenue-sharing business model, 918 Ruggedization techniques, 608 Schneider, G.P., 886 Reverse social engineering, 393, 396 Rule-based languages, 409–410 Schneier, B., 431 Reverse turning tests, 572 Rule-based sequence evaluation Schumacher, M., 432 REXX, 451 language (RUSSEL), 409 Schwartz, Candy, 801 RFID. See Radio-frequency Rules of correctness, 301 Schwenn v. Anheuser-Busch, Inc. identifi cation (RFID) Run-time environment, 266 (1998), 705 RFI (radio-frequency interference), 606 Ruppert, E., 294 SciELO, 807 RF-MEMS, 1028 Ruschitzka, M., 408 Science Direct, 807 R-GMA, 52 RUSSEL (rule-based sequence SCI (scalable coherent interconnect), 91 Rheingold, Howard, 910 evaluation language), 409 Scout operating system, 1001–1002 Riding the Bullet (King), 805 Ryu, Seung Kwan, 928 Screened subnet, 569 Rijmen, Vincent, 508 Screen-savers, 702 Rijndael, 508, 515 Saba, F., 834 Screen scraping, 771 Ring topology, 380–381 Sabin, Todd, 586 Screen sharing, 17 Risk, 361 Safari Tech Books Online, 805 Scribe, 142 Risk analysis, 356 Safeguards, 356 Scrip, 884, 887 Risk assessment, 687 Safe Harbor Agreement, 693–694 Script kiddies, 895 Risk evaluation, business impact Safes, 610 Scripts, 895, 896 analysis, 658 Sag, 629 Script viruses, 470 Risk exposure, 356 Salem, N.B., 182 SCSI (small computer system interface), Risk exposure estimation, 369–370 Salt, 584, 594 83, 205, 215, 216 empirical approaches, 369–370 SAML (Security Assertions Markup Searches and seizures, 708 qualitative methods, 369 Language), 72 Secrecy, 537 Risk management, 651–652, 660, 671, Sample, 542, 550 Secret, 580 675–676, 687 Sanctions, 636 Secret paths, 135 risk analysis, 675 Sandbox, 534 Sectors, 666 risk mitigation, 675 Sands, M., 286 Secured data transfers, 34 risk transfer, 675–676 Sanghavi, S., 176 Secure electronic transaction (SET) threat and alert analysis, 423 San Jose Mercury News, 928 protocol, 880–882 Risk model, 362 San Jose State University, 547–548 Secure Hash Algorithm 1, 584 Risk prioritization, 356 SANS Institute, 632 Secure multipurpose Internet mail Risk profi ling, 363 SANS Security Policy Project (SANS extension, 574 Risk reduction leverage, 361 2005), 785 Secure shell, 576, 594 Risk resolution, 357 SANs (storage area networks). See Secure sockets layer, 69, 574–575, 594, Risk with respect to usability, 367 Storage area networks (SANs) 796, 887 Risks due to uncertainty, 362 Santoro, N., 294 SOCKS v5 and, 500–501 Rittinghouse, J.W., 613 Sarbanes-Oxley Act, 200, 650, 681, Security, 537. See also E-mail security; Rivest, Ronald L., 466, 508, 509, 784, 797 Network attacks; Physical security; 512, 584 Satellites, 968, 1026–1027 Social engineering Robinson, S.R., 624, 627 S-box, 266 active networking, 994–997 ROCKS, 80 Scalability, 133, 149, 413 biometrics and, 546–547 Rockwell International, 281 client/server, 3 computer conferencing and, 774 Role, 537 core routers and, 344 of data, and ASPs, 751 Role-based access control policies, 521 Scalable coherent interconnect (SCI), digital libraries and, 821–823 Rollback, 276 84, 91 documents and data, 785 Rolling failures, 375 Scalable High-Performance Really e-commerce and, 848, 856 Romiszkowski, A., 839 Inexpensive Multi-Processor electronic data exchange and, 863, Root certifi cation authority, 880 (SHRIMP) system, 87 865–866 Root keys, 515 Scaling, 331 electronic payment and, 870–871 Rootkit, 452 Scams, 385, 484. See also Social employee awareness of threats to, 785 Rosetta Books, 805 engineering fi rewalls, 8 Round robin, 347 Scan, 466 grid computing, 68–72 Round-trip time (RTT), 318 Scanner, 452 Internet relay chat and, 894–896 Rourke, L., 839 Scanning, 450, 458 mobile commerce and, 923–925 INDEX 1091

national threats to, 700 Separation of duty, 522 SHRIMP system, 87 network intrusion detection, 1015 Sequence, 210, 212–213, 216, 223 Shrivastava, V., 180 online banking, 794–798, 798 Sequence-number spoofi ng, 429 Shuanglei, Zhu, 586, 594 online communities and, 909–910 Sequential strategy, 381 Sick building syndrome, 621 password, 583–591 Serial interconnect technology, 205 Side channel analysis, 252–253 peer-to-peer (P2P) networks, 136 Series system, 271 Signaling protocol, 351 protecting trade secrets/proprietary SER (seeding, evolutionary growth, and Signaling-protocol (FC-2) level, 210 information, 700–701 reseeding), 22 Signaling system no. 7 (SS7), 235, 249 removable media and, 668–669 Served collections, 824 Signature-based debit cards, 874 smart cards and, 262–266 Server, 44, 131, 149 Signpost scanning, 458 storage area networks and, 195 functionality, 7–9 Silicon, 607 storage media, 668–669 Server application attack, 459 Silicon Industry Association (SIA), 106 technologies, 785 Server clustering, 191 Silicon lasers, 1031 Web-based training, 967 Server-hosting hardware platform, 747 Silicon modulators, 1031 Security account manager, 594 Server image backup, 678 Silicon nanocrystals, 1031 Security Algorithms Group of Experts Serverless backup. See Storage area Silicon photonics, 1030–1031, 1032 (SAGE), 263 networks (SANs) Silicon waveguides, 1030–1031 Security Assertions Markup Language Server message block (SMB), 318 Simmons, U.S. v. (2000), 708 (SAML), 72, 530 Server process, 15 SIMM (single in-line memory Security awareness, 397–399 Server system, 15 module), 91 Security data backup, 640 Service control function, 237 SimpleCA, 70 Security guards, 612–613 Service control point, 237, 249 Simple gateway monitoring protocol Security incident (breach), 632, 637 Service creation environment, 238 (SGMP), 714 containment, 635 Service data point, 238 Simple identifi cation, 540 postmortem analysis, 637 Service element, 65 Simple mail transfer protocol (SMTP), restoration of data fi les, 636 Service execution mode, 243–244 16, 29, 484, 734 types of, 635 Service features, 236 Simple network management protocol Security management, 716–717, 729 Service independent building blocks (SNMP), 328, 714, 717–719, Security mechanism, 537 (SIBs), 236 729, 1000 Security monitoring, 726 Service level agreements, 114, 127, abstract service interfaces, 722 Security policy, 422, 438, 537 341–342, 351, 650, 676, 687, applications, 722–723 Security services, mobile, 916 744–745 architecture, 717–718, 721 Seeder, 162 Service logic programs (SLPs), 236, entities, 720, 721 Seeding, evolutionary growth, and 237, 242 management information base, 723 reseeding (SER), 22 Service-oriented architecture (SOA), 35, management information structure, Seed value, 577 48, 49, 63, 127, 676 718–719, 720–721 Seelye, Katharine, 932 Service recovery, 376 message fi elds, 718 Sega, 866–867 Service set identifi er, 587 message formats, 718 Seismic forces preparedness, 620 Service switching point, 237, 249 primitives, 722 Sekar, R., 414 Session, 327 protocol specifi cations, 718, 720 Self-checking capability, 278 Session description protocol (SDP), 29 security enhancement, 723 Self-encryption, 446 Session initiation protocol (SIP), 29, security weaknesses, 719, 721 Self-garbling, 446 768, 769 SNMPv2, 720–721 Self-healing failure, 375, 382 Session management, 18 SNMPv3, 721–724 Selfi sh Link-based InCentive, 173 SETI@home, 164, 165 user-based security model (USM), Self-launching malware, 472, 484 Settlement, 887 723–724 Self-limiting congestion-avoidance Sexual harassment, 894 Simple object access protocol (SOAP), algorithm, 336 Shadow password fi le, 571, 594 35, 60, 65 Self-management, 783 Shamir, Adi, 466, 510, 512 Simple on-off model, 345 Self-organizing map, 406 Shannon, Claude, 315, 507, 583 Simple power analysis, 253 Self-similarity, 330, 334, 337 Shannon’s law, 315 Simple Web Indexing System for Self-stabilization, 294, 295 SHA-1, 509–510 Humans, 817 Self-testing circuit, 278 Shapiro, J., 171 Simplex failures, 375 SELinux, 537 Shared memory, 87 Simulation testing, 683 Semantic heterogeneity, 306–307 Shared whiteboard, 17 Singh, M.P., 172 Semantic Web, 775, 922 Shared workspace, 17 Single-bit parity check, 274–275 Semiconductor laser amplifi er, 96 Shareware, 445 Single in-line memory module (SIMM), Semiconductor optical amplifi er Shearer, R., 834 82, 91 (SOA), 96 SHF (super high frequency), 980 Single loss expectancy, 657 Semijoin, 303–304, 309 Shibboleth, 822 Single-photon detector, 1026 Semipassive tag, 978, 984 Shim program, 565 Single-photon devices, 1025 SEMPER project, 886 Shock, 607 Single-photon source, 1025–1026 Sending, 1036 Shopping Assistant (AT&T), 921 Single point of failure (SPOF), 166, 374, Seneviratne, A., 176 Shopping business model, 917 380, 382 Seniornet, 908 Shortest processing time discipline, 348 Single program multiple data Sense of direction, 294 Shoulder surfi ng, 390, 395, 400 (SPMD), 91 Sensor tags, 981 Shovelware, 929, 939 Single sign-on, and password Separability, 274 Shredding of documents, 392, 600 synchronization, 589–590 1092 INDEX

Single sign-on (SSO) technology, 34, 44, example (postman as senior Source identifi er error option, 573–574, 594 physician), 395–396 993–994 Single-source multicast, 759, 765 guidelines, 400 Source traffi c statistics, 329–331 Single-source publishing, 771 instant messaging and, 737 burstiness measures, 330 Single-user architecture, 24 integrity and consistency, 387 long-range dependence and self- Sistla, A.P., 183 motivation behind, 384–385 similarity, 330 SiteKey, 589 overloading and, 385 multiresolution time scale, 331 S/Key system, 576, 585 password problems, 393–395 scaling, 331 Skills requirements, 966 reciprocation and, 385–386 simple statistics, 329 Skimming, 984 reverse social engineering, 393, 396 Southern Methodist University, 810 Skinner, B.F., 963 social proof, 387 Space-shared mode, 121 Sklyarov, Dmitry, 587 strong emotion and, 385 Space shuttle computer, 281 Skype, 20, 155–156, 756, 786, 787 techniques, 387–393 Spafford, E.H., 410, 411 Slamming, 795 testing countermeasures, 400 Spam, 474–477, 484, 632, 700–702, 703, Slow time, 372, 382 Social identity theory, 780 734, 739 Small computer system interface Social infl uence theory, 780 anti-spam policies, 482 (SCSI), 83, 205, 215, 216 Social networking sites, 389, 852, 956 categories, 476 Small offi ce, home offi ce fi rewalls, 561 Social proof, 387, 401 fi lters, 735 SmallState, 990, 991 Social psychology, online communities malware and, 477 Smarr, Larry, 46 and, 901–903 revenge spamming, 477 Smart Card Alliance, 886 Social-technical design, 30 spam bots, 445 Smartcard.NET, 260 Social validation, 387 Spanner, 1000 Smart cards, 251–266, 571–572, 793, Socks, 559 SPARC, 807 796–797, 799, 887 SOCKS v5, 500 Spector, 390 application security, 262–266 SOFTNET, 987 Speech-recognition software, 918 communication protocols, 253–256 SoftNet, 1000 SPICE (solving problems in Europay/Mastercard/Visa (EMV), Software. See also Groupware; collaborative environments), 264–266 Middleware 836–837 interfacing with applications of, abstractions in programming and, 35 Spike, 606, 629 256–259 agile software development, 22 SPINet, 103–104 managing multiple applications of, antivirus, 473, 739 Spintronic transistors, 1029 259–262 conferencing, 769 SPIRITS, 246 multi-application platform attacks, contractors, 633 SplitStream, 179 260–261 for digital libraries, 813–815 SPMD (single program multiple multi-application security e-mail fi ltering, 735 data), 91 mechanisms, 261–262 free server-based, 20 Spoofi ng, 458–459, 466, 470–471, 472, OpenCard Framework, 258 geo-location, 797 547, 576, 738 tamper resistance feature, grid computing, 67–68 Spooking, 795 252–253, 264 malicious (malware), 796 Sprocket, 1000 types of, 252 online communities and, 902 Sproull, L., 901 Smart dust motes, 981 process and service compared, 33 Spying, 390 SmartPackets, 991, 999 rented, 743 Spyware, 445, 701–702, 703, 739, 967 Smart phones, 918 RFID support, 982 SQL (standard query language), 43 Smart shelf, 978 Web services, 63–66 SSETI@home, 911 Smith, Steve, 932 Software architecture (client/server). Stajano, F., 924 Smoke, 607, 629 See Client/server computing Standard access points, 625 SMP (symmetric multi-processing), 91 Software Engineering Institute’s risk Standard Generalized Mark-Up SMTP (Simple Mail Transfer Protocol), taxonomy, 357–358 Language (SGML), 64 8, 484 Software-implemented fault-tolerance Standard query language (SQL), 43 Smurf attack, 428 computer, 279 Standby sparing technique, 273 Smyth v. Pillsbury Co. (1996), 698 Software redundancy, 275–278 Stanford Archival Repository, 118 SNAM/SSAM, 360 algorithm-based fault tolerance, STAR (self-testing and repairing Snapshots, 647, 676, 678–679 277–278 computer), 279, 281 “Sniffer” application, 390–391 error recovery, 276 Stardust@home, 164 Sniffi ng attacks, 576, 586–587, 594 N-version programming, 277 STARLITE approach, 245–246 SNMP. See Simple network recovery block, 276–277 service creation, 245–246 management protocol (SNMP) SoIP, 202 service deployment, 246 Snyder, F.W., 16 Solaris, 1001 Start of frame delimiters, 211 SOAP (simple object access protocol), Solicitations, commercial, 703 Star topology, 321 35, 60, 65, 76 Solid-state storage media, 599 State, 272 Social computing, 772, 775 Somani, A.K., 175, 183 Stateful fi rewalls, 560, 569 Social engineering, 384–401, 472, 484, Somatic nervous system, 1013, 1020 Stateful inspection, 726 589, 594, 623 Somayaji, A., 407 State-transition analysis toolkit authority and, 386–387 SONET optical carrier levels, 322 (STAT), 410 deceptive relationships, 386 Song, D., 412 State transitions, 272 defense against, 385, 396–400 Sonny Bono Copyright Term Extension Static data authentication, 265 defi ned, 384 Act (1998), 810 Static electricity, 605 e-mail and, 738 SONY Corporation, 886 Static memory, 667–668 INDEX 1093

STATL, 415 Storage media requirements, 662–669, Jiro, 200 Steady-state availability, 270 968–969 Sun Grid, 125–126 Stealth, 440, 452 handling removable media, 668–669 SunSITE, 801, 824 Steffan, J., 432 hard disks, 666–667 Sunspot activity, 603 Sterling, Thomas, 93 magnetic tape, 665 Supercomputers, 80 STIDE (sequence time-delay media options, 665–668 Super high frequency (SHF), 980 embedding), 407 optical disks, 665–666 Super-lambda services, 100 Stigmergy, 1020 removable disks, 667 Supernodes, 152 Stiller, B., 177 security, 668–669 Superpeers, 170 Stochastic behavior, of molecular selection issues, 662–664 Superposition, 1025 communication, 1037 static memory, 667–668 Suppes, P., 963 Stochastic fl uid model, 332–333, 345 Storage Networking Industry Supplementary news site model, Stock fraud, 479 Association, 198, 199–200 937–938 Stockman, Henry, 974 Data Management Forum, 676 Supply-chain management, 861, Stodden, R.A., 774 Storage over IP, 198 976, 979 Stolfo, S.J., 411, 412 Storage replication, 191 Surface plasmons, 1031–1032 Storage, 83 Storage resource management, 199 Surge, 629 Storage area networks (SANs), 85, Storage security, 436 Surge protectors, 603, 604 205, 217–233, 316, 644, 647, 652, Storage service providers (SSPs), Surveillance, 784 680–681 667, 742 Survivability, 134 applications, 192 Storage solution providers, 191 Survivable Network Analysis Method architecture and infrastructure, Storage Systems Standards Working (SNAM), 360 193–194 Group, 199 Sustainability, 828 benefi ts of, 191–192 Storage technologies, for backup/ Sustainability, of digital libraries, 826 common services, 225 recovery, 678–682 Sutton v. United Airlines, Inc. data encoding, 222 disk-to-disk backup, 680 (1999), 706 data replication and backup, 227–230 established technologies, 678–679 Swarm intelligence, 1015, 1020 defi ned, 189–191, 216 remote mirroring, 679–680 Switch, 207 design and management issues, SAN security issues, 681–682 Switched fabric, 210, 213, 214, 216, 221 194–195 storage area networking, Switched fabric topology, 209 direct attached storage, 217 680–681 Switched fi rewalls, 561 emerging technologies, 197–199 Stored program control (SPC) switching Switches, 194 FC protocol suite, 219–220 systems, 235 virtual private networks and, 497 FC topologies, 220 Stored-value card, 793, 799, 876, 885 Switching costs, 851, 852 fi bre-channel SAN applications, StrataLink, 281 Switching function, 237 226–227 Strategic risk models, 362–363 Switching state model, 236, 242 fi bre-channel SAN overview, 218–219 Stratus, 281 SwitchWare, 998 generations of, 193 Strauss, C., 657–658 Symmetric, 516 implementing (key reasons for), 191 Stream cipher, 508 Symmetric encryption, 506 interface layer, 225–226 Streaming Web seminars, 771 Symmetric fault, 375, 382 iSCSI, 230–233 Streptichron, 1005 Symmetric-key cryptography, 506–511 market/vendors/service providers, Stress, 759, 765 encryption and passwords, 509 200–202 Stretch, 759, 765 hash functions/message network attached storage, 217–218 Strike, 629 authentication codes, 509–510 as networked high-speed enterprise String search (signature based), security of, 510–511 infrastructure, 190 449–450 symmetric-key encryption, 506–509 operating system software Striping, 72, 282, 646, 648 Symmetric multi-processing (SMP), 91 components, 195 Stripping, 206 Synchronization phenomenon, 348 organizations, 199–200 Structured overlay network, 141, 149 Synchronizers, 293–294, 296 physical layer options, 222 Structured query language (SQL), 302 basic, 293–294 SAN overview, 189–195 Structure of management information parameterized, 294 security issues, 681–682 (SMI), 729 Synchronous, 970 segments, 190 Stummer, C., 657–658 Synchronous algorithm, 293–294, 296 standards, 199 Sturges, P., 823 Synchronous collaboration, 16, 18, 24, technologies and solutions, 195–197 Su, W., 295 30 Storage-centric information-processing Subject, 44, 403, 537 Synchronous digital hierarchy paradigm, 190–191 Subject-matter expert, 965 (SDH), 322 Storage consolidation, 226 Subnet spoofi ng, 458–459 Synchronous dynamic random access Storage media. See also Storage media Subscriber identity module (SIM), 262 memory (SDRAM), 82 requirements Subscription bombing, 480 Synchronous model of distributed disposal and reuse, 600–601 Substitution cipher, 506 computation, 287–288 magnetic, 597–598 Substrate, 291 Synchronous optical network, 229, 381 nondigital, 599 Suda, T., 1017 Synchronous transport signal level 1, 322 optical, 598–599 Sullivan, R.J., 794, 797 SYN fl ood, 428 physical access control for, 599–600 Sulzberger, Arthur Jr., 932 SYSKEY, 594 physical security for, 597–601 Sun, O., 173 System aging, 270 redundancy of, 601 Sun Microsystems, 259 System area network (SAN), 91 solid-state, 599 Enterprise Java Beans (EJB), 10 System bus, 82–83 1094 INDEX

System errors, 372 employee agreements, 785–786 Throughput, 98, 315–316, 325 System interdependencies, analysis employee development, 783 Thumb drives, 645, 667 of, 655 implications and directions, 786 Thumbnail image, 811 System monitoring, 438 managerial oversight, 781–783 Tiberino v. Spokane County (2000), 709 System outage, 687 nature of, 780–781 Ticketing, mobile, 916 regulatory compliance/laws/corporate Tidwell, T., 431 10-Gbps Ethernet, 84, 89, 321 policy, 783–785 Tier-based client/server Tabletop exercise, 683 rise of, 778–779 classifi cation, 5–7 Tag, 984 security, 785 TIFF (tagged image fi le format), 811 Tagged image fi le format (TIFF), 811 solitude and, 780, 782 Time-based inductive machine, 405 Tags, 64, 977 theory foundations, 779–780 Time complexity, 296 Tail drop, 348 virtual work, forms of, Time-division multiple access Tailorability, 28, 30 777–778 (TDMA), 918 Tailoring, 28–29 “Telecooperation” skills, 783 Time-division multiplexed (TDM) TaintCheck, 412 Tele-immersion, 764, 765 header, 96 Talk program, 889, 900 Telemedicine, 755 Time division synchronous CDMA, 919 Talkspurt, 327, 761, 765 Telephone communications Timeliness module, 723 Tampa Tribune, The, 929 employee privacy and, 695–696 Time magazine, 934 Tan, L., 407, 408 social engineering attacks, 391 Time of arrival (TOA), 921 Tandem computers, 279–281 Telepresence, 786 Time-of-check-to-time-of-use errors, 423 Tangible costs, 674 Teletraffi c theory, 326 Time optimization, 119 Tapestry, 164 Telnet, 153 Time-place matrix, 17–18 Tape versus disk backup, Tempest, 626, 629 Time redundancy, 275 644–645 Template, 543, 550 Time request, 254 Target, 459 Terabyte, 968 Time series, 333, 337 TARP computer, 281 Terahertz lasers, 1031–1032 Time-shared mode, 121 Tasini decision (2001), 810 ter Hofte, G.H., 23 Times Link, 935 Task-technology fi t, 27 Termination protocol, 305 Time-to-live (TTL) fi eld, 138, 466 Taxonomies, 770, 771 Terrorism, 704 Timing failure, 269 Tax overload, 772 TESLA, 465 Tippett, Peter, 592 T cells, 1014, 1020 Test and repair processor (TARP) “Tit for tat” strategy (social TCP/IP computer, 281 engineering), 386 fi bre channel over, 228 Tewksbury, David, 929 TL_Port, 207 reference model, 715–716 Texas Instruments, 979 Toffl er, Alvin, 777, 779 TCP (tranmission control protocol), 91 Text messaging, 20–21, 787 Toigo, J.W., 683, 685 congestion-avoidance algorithm, 336 Textual communication, 831, 840 Token money, 871–872 TCPdump, 406 Theses, electronic, 808–809 Tolerance, 373 TCP fl ows, 327 “Thin clients,” 19 Tollbooths, RFID and, 978 TCP SYN fl ooding, 455 Third-generation network security, Tomlinson, Ray, 733 TCPWrapper, 565 262–264 Top-down content management, 771 Team recovery steps, 682 Third-Generation Partnership Project Topic maps, 902 Teardrop, 434 (3GPP), 245, 918 Tornados, 619–620 Technical safeguards, 356 Third-party backup, 643–644 Tort, 694, 696, 701, 702, 710 Technological characteristics Third-party sponsored Tortoises, 327 perspective, 840 communities, 907 Torvalds, Linus, 85 Technological determinism, 840 Third Wave, The (Toffl er), 777 Total access communication system Technological intermediation, 781 Thomas, M., 836 (TACS), 266 Technology Thompson, K., 772 Total cost of ownership (media), 664 acceptance/adoption of, 4 Thorin, S.E., 801 Totally self-checking circuit, 278 Web-based communication tools, 770 Thorndike, R.L., 963 Toueg, S., 295 Technology media, 779 Thörner, Jan, 248 Toussaint v. Blue Cross & Blue Shield of group identity and, 780 Thread-level parallelism (TLP), 82 Michigan (1980), 707–708 Technology test, 545 “Threads,” 902 Towsley, D., 171 Tedd, L.A., 801 Threat, 361, 438 Toxic mold, 621 Tel, G., 286 Threat assessment, 739 TracePlus Ethernet, 726 Telecommunication services Threats, e-mail, 480 Traceroute, 350 mobile, 916 Threat/threat source, 356 Tracking software, 596 security of, 602–603 Threat trees, 656, 657 Tracks, 666 Telecommunications Information 3G, 263, 787, 919, 925 Trade Data Exchange, 864 Networking Architecture 3G cellular phones, 786 Trade secrets (TINA), 241 Three-layer client/server defi ned, 711 Telecommunication Standardization classifi cation, 4–5 protecting, 700–701, 704 Sector of ITU, 335 application services, 4 theft of, 597 Telecommuting/telework, 777–786 architectural framework, 5 Trade server, 116 advantages/disadvantages of, data services, 4–5 Trading partner agreement, 865 778–779, 781 presentation services, 4 Traffi c conditioning agreement ambiguity and, 780–781, 782 Three-tier system, 6–7, 15 (TCA), 346 collaboration, 779–780 Threshold detection, 434 Traffi c contract, 351 INDEX 1095

Traffi c logging, 557 standard access points, 625 Trusted hosts, 575 Traffi c management, 340–351. See also wiretapping guided, 625 Trusted service provider, 495 Capacity-planning Transparency feature (of DDBMSs), Trusted third party, 571, 577, 580 access control, 345–346 298, 309 Trust management, 536 admission control, 342–345 Transparent fi rewalls, 558 Tsunamis, 619 buffer management, 348–349 Transport/application-layer Tuecke, S., 66 congestion control, 342, 349–350 performance monitoring, 350–351 Tunneling, 489–490, 492–494 general principles, 342 Transportation Data Coordinating characteristics for tunneling overview of methods, 342 Committee, 860, 863 mechanism, 493–494 packet scheduling, 346–348 Transport layer protocols, 559 Tunnel servers, virtual private networks QoS monitoring, 350–351 Transport layer security, 796 and, 497 quality of service (QoS), 340–341 Transport model tunneling, 493 Turban, E., 886 service-level agreements, 341–342 Transport protocol data unit (TPDU), Turing, Alan, 506 Traffi c matrices, 502 255, 266 Turing test fi lter, 735 Traffi c modeling, 326–337 Transport protocols, 761 Turkle, S., 901 access-regulated sources, 335–336 Trap, 718, 720, 721, 722, 729 Tutors, 840 application-specifi c models, 334–335 Trash, personal information in, 391–392 Tuvi-Arad, I., 834 congestion-dependent fl ows, 336 Travel and tourism, 943–957 Twain, Mark, 541 continuous-time source models, airlines, 946 Twenty-four-hours-a-day continuous 331–333 customer relationship news model, 937 discrete-time source models, 333–334 management, 949 24-hour tellers, 874 packets, fl ows, and sessions, 327 destination-marketing 2G, 918 process, 328 organizations, 947 Two-node loop topology, 208 source traffi c statistics, 329–331 e-commerce activities, 948–949 Two phase commit, 304–305 use of traffi c models, 328–329 emerging marketing/management Two-phase commit, 37, 309 Traffi c monitoring, 557, 726 strategies, 948–949 2.5G, 918 Traffi c patterns, 318–319 experience as foundation of, 956–957 Two-rail checker, 278 background vs. transactional, hotels, 945–946 Two-tier system, 6, 15 318–319, 324 information technology and, 954–955 TypeID, 993 traffi c behavior, 319–320 Internet and, 949–954 traffi c fl ow, 319 network technology implications, 957 UBE (unsolicited bulk e-mail), 476, 484 traffi c load, 320 network technology role in, 944–948 UCC (Uniform Code Council), 975, 984 Traffi c shaping, 351 online destination management UCE (unsolicited commercial e-mail), Traffi c trace, 328 systems, 949 474, 484 Training richness and reach, 955 UDDI (Universal Description, Discovery business continuity planning, 682–683 tourism consumer, 956 and Integration), 60, 65 defi ned, 970 travel agencies/online intermediaries, UHF (ultra high frequency), 978, security awareness, 397–398, 399 946–947 979–980, 984 security technology, 785 travel search engines, 947–948 Ultrahigh frequency, 978, 979–980, 984 Web-based, 962–970 trends, 954–957 Ultrapeers, 152 Transaction, 550 Travel-decision support systems, 951 Ultrawide band, 980, 984 Transactional distance, 834 Traveling salesman problem, 1017 UMI Dissertation Publishing, 808 Transactional RPC, 36–37 Travelocity, 947 UMTS (universal mobile Transactional traffi c, 318 Treasury Department, 798 telecommunications system), 925 Transaction capabilities application part Tree-building procedure, 289 Unchoking, 170 (TCAP), 236 Tree-constructing algorithm, 296 Understanding Digital Libraries (Lesk), 822 Transaction costs, 854 TReno, 350 UN/EDIFACT, 867 Transaction middleware, 9 Tribe fl ood network (TFN), 429 U-net network interface architecture, 87 Transaction-processing (TP) monitoring Triple DES, 495 Unfi nished Revolution, The (Dertouzos), server, 7–8 Triple-duplex architecture, 274 954 Transaction processing (TP) Triple modular redundancy (TMR), 273 Unicast routing, 1017 technology, 37 Trizetto, 745 Unicast transmission, 759 Transceiver, 26 Trojanize, 637 UNICORE, 51–52, 60 Transient failures, 269 Trojan/trojan horse, 393, 443, 452, 470, server tier, 51–52 Transient services, 66 472–473, 739, 795, 895, 967 user tier, 51 Transient or transient voltage anti-trojan software, 474 Unidentifi ed risks, 362 surge, 629 mandatory access control policies Unifi ed modeling language (UML), 245 Transistors, 279, 1029–1030 and, 519–521 Uniform Code Council (UCC), 975, 984 miniaturization of, 1030 remote-access trojans, 445 Uniform resource locator (URL), 63, Transit networks, DDoS defenses and, Trust 64, 76 461–463 e-commerce and, 856 UniGrids project, 51 Transmission control protocol (TCP), groupware and, 29 Uninterruptible power supply (UPS), 91, 283, 319, 337, 381, 406 Trust-Aware Multicast (TAM) protocol, 604–605, 629, 645 Transmission control protocol/Internet 181 Union-represented employees, 695, 708 protocol (TCP/IP), 714 Trust-building techniques (virtual United Nations Transmission media, 624–626 workplaces and), 783 Economic Commission for Europe incidental compromising emissions, Trust-E, 856 (UNECE), 865 625–626 Trusted gateway, 559–560, 569 EDIFACT, 864 1096 INDEX

UNITY, 295 UUCP (Unix to Unix copy protocol), 153 Video weblogs (vlogs), 853 Universality, 328 UUHash, 158 Viega, J., 423 Universal mobile telecommunications UWB (ultrawide band), 980, 984 Vienna Grid Environment, 121 system (UMTS), 919, 925 View-based access control model Universal product code (UPC), 975, 984 Vaccination, 450 (VACM), 724 University of Virginia Electronic Text Valdes, A., 415 “Viewtron,” 928 Center, 805, 806 Valduriez, P., 302 Vigna, G., 412 UNIX passwords, 570, 590 Value-added network (VAN), 863, 867 Villalba, C., 839 UNIX platform, 85, 769, 889, 891 Van de Sompel, H., 816 Violence, in workplace, 700 Unlawful Conduct Using the Internet Van Hove, Leo, 886 Virtual communities, 952 (Executive Order 13133), 894 van Slyke, H., 886 Virtual currency, 183 Unmarshaling, 66 VAN (value-added network), 867 Virtual Data Grid, 120 Unsolicited bulk e-mail (UBE), 476, 484 Varian’s analysis, 171–172 Virtual fi rewalls, 560–561 Unsolicited commercial e-mail (UCE), Vcc, 254 Virtual interface architecture (VIA), 84, 474, 484 Vector clocks, 290 86, 87, 197–198, 202 Unstructured overlay network, 149 Vendor-client relationship, 743–745 Virtualization, defi ned, 781 Untrusted service provider, 495 Vendor list, 682 Virtual libraries. See Digital libraries UPC (universal product code), 975, 984 Ventilation, 621 Virtual link, 139 Uplink time of arrival (UL-TOA), 921 Verduyn, Bruce, 441 Virtual meeting rooms, 764 Up time, 372 Verifi cation, 540, 550 Virtual Memory-Mapped URL (uniform resource locator), 63, Verifi er, 261 Communication (VMMC), 86, 87 64, 76 VeriFone, 880 Virtual message, 1004–1005 U.S. Patriot Act, 704–705, 784 VeriSign CA, 574, 856 Virtual organization, 46, 60, 122, 127 Usability risk, 367–368 Verma, D.C., 133 Virtual private networks (VPNs), 323, Usage monitoring, 557 Version control, 17 437, 488–503, 739, 747–748, USA Today, 934, 936–937 Versioning, 24 753, 759 USA Weekend, 936 Versioning backup, 678–679 defi ned, 488, 503 USB drives, 645, 667, 796 Vertical ASP, 745, 753 extranet VPNs, 491, 492 security threats and, 393 Vertical cavity surface emitting laser, fi rewall functionality and, 557 Usenet, 16, 153–154, 911 104, 1022–1023, 1032 gateway, 489–490 Use policies, 739 Vertical fragments, 301, 302 hardware components, 496–497 e-mail, 735–736 Very-large-scale integration designs, 278 implementations, 496 instant messaging, 737–738 VIA (virtual interface architecture), 91 intranet VPNs, 490–491, 492 User, 537 Vibrations, chronic, and equipment manageability of, 489 User application (UAP) objects, 241 damage, 607–608 performance of, 489–450 User-based access control model Vicinity cards, 256 protocols used by, 497–501 (UACM), 729 Vickrey-Clarke-Groves based quality of service support, 501–502 User-based security model (USM), analysis, 183 remote-access VPNs, 492 723–724 Victim-side defenses, 460–461 security, 488, 489, 494–496 User community, 319 Video compression, 762–763 tunneling, 492–494 User datagram protocol (UDP), 718 Videoconference, 769. See also types of services, 490–492 User-fee business model, 917 Computer conferencing; workforce mobility and, 489 User fi les, 640 Videoconferencing Virtual reality (VR), 911 User interface components, 26 defi ned, 16 Virtual routers, 490 User interface framework, 25 employee monitoring via, 784–785 Virtual teams, 777, 778 User-launched malware, 472, 484 multi-user technologies, 786 closed and open, 783 User-level middleware layer, 113, 116 right to privacy vs. right to know, 784 managerial oversight of, 781–783 Username, 410 single-user systems, 786 relationship interdependencies, User-to-network interface, 237 telework and, 779–780 782–783 User-to-user applications, mobile, 917 wireless, 917 Virtual topology control, 139 Utilities, 601–603 Videoconferencing, 755–764 Virtual tours, 950–951 municipal, 602 audio representations, 763 Virtual work. See also Telecommuting/ telecommunications service, CoMeCo, 23 telework 602–603 conferencing architectures, 757–758 international, 784 water, 603 defi ned, 755 records and e-mail, 784 Utility computing, 110–127, 127 gaze awareness, 764 Virtual workplaces, and e-mail/Internet benefi ts of, 110–111 history of, 756 use policies, 697–699 challenges, 113–115 human factors, 757 Virus(es), 444, 632, 635, 734, 735, 739, grid potential as environment for, ITU-T H.323 standard, 29 787, 795. See also Worms 111–112 networking issues, 759–761 decreases in, 425–426 industrial solutions for, 122–126 potential uses of, 755 defi ned, 438, 441–442, 484 layered grid architecture, 113, tele-immersion, 764 detection techniques, 449–451 116–117 video representations, 762–763 determining computer infection, 442 standards organizations, 114 Video Electronics Standards Association e-mail and, 447–449, 470 utility-based resource allocation, (VESA) local bus, 82 fi rst-generation viruses, 446 117–122 Video over Internet protocols, 970 history of, 440–441 utility grids, 115–117 Videotex, 844 Internet relay chat and, 895 Utility grids, 112, 115–117 Video-traffi c modeling, 335 macro viruses, 446–447 INDEX 1097

network resource exhaustion, 283 Web 2.0, 849 Weighted fair queuing, 347 non-PC-platform viruses, 451 Web application, 770, 774, 775 Weinstein, I.M., 773 prevention and protection Web authentication, 573–575 Welch, J., 286 techniques, 451 certifi cates, 574 Wellman, B., 774 RFID and, 983 password-based Web access, 573 Wells Fargo, 791 scanners, 399, 557 secure sockets layer, 574–575 Whiteboard, 769, 770, 774, 775 virus-creation kits, 446 single sign-on, 573–574 White-box testing, 423 virus-to-e-mail ratio, 967 Web-based training, 962–970 Whitelisting, 474 Virus-specifi c scanner, 484 bandwidth and access, 967–968 Whitewashing, 169, 185 Visa, 264–266, 880 best instructional practices in, Whois database, 624 Visitor location register (VLR), 725 964–965 Wide area network (WAN), 91, 747, 753 Vixie, Paul, 476–477 challenges, 962 bandwidth, 205, 316, 322 Vocation communities, online, 906 defi ned, 970 edge network and, 381 Vocoder, 765 development costs, 965 remote mirroring and, 679 Voice over Internet protocols (VoIPs), economic factors, 965–967 WiderNet, 820–821 16, 20, 30, 755–756, 768, 770, 787, evolution of media, 968–969 Wide sense stationary (WSS) 967, 970. See also Skype; Vonage fundamental training principles process, 329 Voicemail, 20 and, 963 Widup, S., 683 Voice over protocol (VoIP) materials and instructional WiFi, 918, 919, 925 technology, 244 activities, 964 Wiglaf Beowulf cluster, 79 Volatility, 639–640, 648 multimedia enhancement of, 964 Wijnen, B., 723–724 Volcanic ash, 620 potential advantages of, 962 Wiki, 900–901, 902, 911, 939 Volonino, L., 624, 627 roles, practices, tools, 964 Wikimedia, 931 Voluntary tunneling, 493 security issues, 967 Wikinews, 931 VOMS (Virtual Organization trainess with special learning needs, Wikipedia, 901, 902, 931 Membership Service), 72 966–967 Wikis, 17, 20, 770, 771, 931 Vonage, 786, 787 Web-based worm, 458 Wikitorials, 935 Von Zuben, F.J., 1012 Web browsers, 7 Wild, in the, 452 VSGI, 786 Web browser security WildPackets’ Etherpeek, 726 Vulnerability/vulnerabilities, 356, 361, certifi cates and, 515 Willcocks, L., 749 484, 739 Web bugs, 445 Williams, R.C., 354 Web cams, 388 Willits, F., 833, 834 WAE (wireless application Webcast, 939 WiMAX, 786, 787 environment), 923 Web collaboration, 769 Wind damage, 602 Wager, W., 963 WebEDI, 863 Wind forces preparedness, 619–620 Wagner, D., 408 Web edition, 939 Windows. See Microsoft Windows Waldbusser, S., 724 Weber, R., 172 Windows for Smart Cards, 260 Wallach, D.S., 179 WebGlimpse, 817 Window sharing, 17 Wallclock, 1005 Web logs, 389–390, 853, 930–931, 939 Windows Messenger, 20–21 Walled garden approach, 844 Web of trust, 580 Windward (Alpharetta, GA), 786 Wall Street Journal, 932, 937 Web page spoofi ng, 429 Winzelberg, A., 901 Wal-Mart, 867, 976 Web portals, 929 Wired equivalent privacy protocol, 578 WAN. See Wide area network (WAN) Web server, 7, 8 Wireless access protocol (WAP), 921, Wang, K., 412 Web Service Description Language, 65 922–923, 925 Wang, M., 1017 Web Service Resource Framework, 307 Wireless application environment Wang, W., 176, 183 Web services, 10–11, 63–66, 76 (WAE), 923 Wang, X.S., 411 namespace mechanism, 64 Wireless application PKI (WPKI), 924 Wanken, J., 406 putting it together, 65–66 Wireless application protocol (WAP), 878 WAP identity model (WIM), 924 schemas, 65 Wireless centers, 927 WAP (wireless access protocol), 921, SOAP, 65 Wireless devices, and 922–923, 925 XML (extensible mark-up nanotechnology, 1028 “Wardriving/warwalking/wardialling,” 391 language), 64 Wireless enablers, 7 Warm failover, 373 Web Services Defi nition Language, 49, Wireless Ethernet Compatibility Warm site, 677 63, 77 Alliance, 919 Washington Post, 936 Web services deployment descriptor, 66 Wireless fi delity (WiFi), 919, 925 Wasko, M.M., 901 Web Services Description Language, 60 Wireless gateways, 7 Watchdog timers, 273–274, 281 Web Services Resource Framework Wireless information sharing systems, Watermarks, 822 (WSRF), 60, 76 183–184 Water utilities, 603 specifi cations, 49–50 Wireless LANs (WLANs), 321, Watson-Watt, Robert, 974 Web Services Security (WS-Security), 44 919–920, 925 Wavelength-division multiplexing Web services standard (W3C 2005), 248 security, 436–437 (WDM), 229–230 Web sites Wireless markup language (WML), 7, Wavelet functions, 331 development of, 948 921, 923, 925 Wayback Machine archive, 824 personal, 771 Wireless networks, 578–579, 918 Web, 962, 970 social networking, 900 (See also computing on, 295 blog rings, 900 Online communities) denial of service attacks, 454 mail, 484 WebSphere MQ, 9 e-commerce and, 847–848 as training tool, 969 Weibull probability distribution, 334 mobility management in, 725 1098 INDEX

Wireless personal mobile computing EU model of, 693–694 and electronic data exchange, systems, 786 U.S. perspective on, 694–696 863, 865 Wireless server, 7, 8 World Customs Organization, 864 XML-based Web services, 7, 774, 775 Wireless systems, 967–968 Worldwide interoperability for XPAT search engine, 816 Wireless technology microwave access. See WiMAX XSD (XML schema defi nition) mobile payment systems, 878–879 Worldwide name (WWN), 209 language, 65 security and, 738 World Wide Web, 334, 769, 962 xSP, 753 trends, 786 World Wide Web Consortium, 65 X12 standard, 864 Wireless telephony application interface World Wide Web Virtual Library, 808 Xu, B., 183 (WTAI), 923 Worms, 412, 425, 438, 442, 443–444, Xu, D., 178, 412 Wireless transport layer security 471, 472, 484, 739, 895, 967. See (WTLS), 923–924 also Virus(es) Yagan, Sam, 160 Wireless videoconferencing, 917 fi rst and third generation, 448–449 Yahoo! News, 934 Wireshark protocol analyzer, 390 history of, 440–441 Yamauchi, Y., 773 Wire-speed forwarding, 323, 325 outbreaks, 635 Yang, B., 171 Wiretapping, 625, 695, 704 trends in, 427–428 Yang, Z., 290 Witteman, M., 261 worm disks, 653, 665 Ye, F., 465 Witten, I.H., 819 Wrappers, 55, 257 Ye, S., 181 Wizard, 448 Write-once-read-many (WORM), 665, 977 Yeung, M.K.H., 184 WLA (wireless LANs), 925 WS-Addressing, 50 Yield-management information WML (wireless markup language), 925 WS-BaseFaults, 50 systems, 946 Wolff, E., 769 WS-BaseNotifi cation, 50 YouTube, 827, 854 Wolfson, O., 183 WS-BrokeredNotifi cation, 50 Ytalk, 889 Wongrujira, K., 176 WS-Inspection Language, 65 Yu, B., 172 Wooley, David, 769 WS-Notifi cation, 50 Woolley v. Hoffmann-La Roche, Inc. WS-Resource, 76 Zamboni, D., 408 (1985), 708 WS-ResourceLifetime, 50 Zatko, Peiter “Mudge,” 586 Work area recovery, 673, 687 WSRF::Lite, 53–54 ZeitControl, 260 Worker nodes, 52 WSRF.NET, 54–55 Zennström, Niklas, 155, 158 Worker’s Compensation, 783 WS-ServiceGroup, 50 Zero-copy protocol, 87 Workfl ow editors, 74–76, 77 WS-Topics, 50 Zero down time, 679, 687 Workfl ow management, 17 Wylder, J., 628 Zero-effort imposter, 544, 545, 550 Workfl ow scheduling, 120–121 Zero-time-windows backup, 189 Workload management system, 52 XACML (eXtensible Access Control Zhang, H., 180 Workplace Markup Language), 530–531, 532 Zhang, L., 283 computer conferencing XA standard, 37 Zhu, S., 465 implementation, 772–773 Xerox Labs, 921 Zines, 928, 938, 939 hostile work environment, 689, 696, Xerox PARC, 99 Zip disk, 667 703, 706, 710 X 400, 8 Zmud, R., 780 violence, 700 XHTML, 925 Zombies, 456, 457, 473 Workplace access to pornography, 703 Xiang, D., 408 Zone Labs, 738 Workplace privacy XML (extensible markup language), 64, Zone services, 215 employee’s right to privacy, 692–696 77, 774, 775, 921 ZoomInfo, 389