Issue No. 04 - July/August (2005 vol. 7)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2005.97
Control the Congested Flow
Network Congestion Control: Managing Internet Traffic, Michael Welzl. Scheduled for publication in September, this book explains congestion control without the heavy math. It also aims to provide understanding of the evolution of Internet congestion control: how the Transmission Control Protocol works, why it works the way it does, and why some congestion control concepts failed for the Internet. After explaining the Chiu/Jain vector diagrams, the author introduces a new method of using these diagrams for analysis, teaching, and design, and also elaborates on how the theory of congestion control impacts the practicalities of service delivery.
An appendix contains examples and problems to assist learning; the accompanying Web site provides Java tools for teaching congestion control, as well as examples, links to other code and projects, and a bibliography. Besides an overview of the state-of-the-art in congestion control research, the author predicts what the future holds for the technology.
Wiley, Inc.; ISBN 0-470-02528-X; 280 pp.; $120.
Network Security Tools, Nitesh Dhanjani and Justin Clarke. Many security professionals hear the call for vendors to take responsibility for more-secure chat room products. The authors of this book claim there are open-source security tools to help with this task. They discuss how to modify, customize, and extend popular open-source security tools, such as Nikto, Ettercap, and Nessus.
This guide discusses the common customizations and extensions for these tools, and then shows how to write even more specialized attack and penetration reviews suitable for unique network environments. It also explains how tools like port scanners, packet injectors, network sniffers, and Web assessment tools work.
Some of the topics covered include writing network sniffers and packet injection tools; writing plug-ins for Nessus, Ettercap, and Nikto; developing exploits for Metasploit; code analysis for Web applications, and writing kernel modules for security applications.
O'Reilly; ISBN 0-596-00794-9; 352 pp.; $34.95.
SQL Server Magazine Connections
7-10 November 2005
Held to celebrate the launch of SQL Server 2005 and Visual Studio 2005, this conference targets IT professionals who are network managers and developers; all attendees will each receive a copy of SQL Server 2005 and Visual Studio 2005.
Conference sessions fall into four main areas: developer, database administration (DBA), business intelligence, and Microsoft day SQL Server. The "Converting a Traditional OLTP Application into SOA Using SSB" session will cover the design considerations and benefits of using the SQL Service Broker to implement an OLTP application. The "Bare Metal Tuning" session will teach you a series of quick rules of thumb that help properly gauge the CPU, memory, backplane, and networking resources required for a strong SQL Server installation.
In addition to speakers, pre- and postconference workshops available for additional fees. "A DBA's Guide to Visual Studio 2005 and SQL Server 2005" targets DBAs who might not feel comfortable working with Visual Studio, Visual Basic, C#, and the .NET framework. These workshops aim to help attendees get up to speed on Visual Studio .NET 2005, including information on how it integrates with SQL Server 2005 and the procedures, tools, and fundamental concepts used to work with the .NET framework.
The "Architecture for Distributed Smart Client Systems" session presents a layered architecture for a tiered system that uses smart clients as its primary user interface, and this architecture includes new layers specifically for the client machine. The session also will discuss the implementation of these layers, along with other best practices for distributed smart client systems.
Networking Decisions Conference
14-16 November 2005
The conference program seeks to help simplify the IT decision-making process, examining trends and issues in network security, voice over Internet Protocol (VoIP), convergence, enterprise wireless, and network management.
The network security track will include the session, "You Can Persuade Upper Management to Double Down on Network Security," which will cover communication strategies, including what to say and what not to do; how to establish your credibility; ways to show how network security provides business value; and practical skills to apply in facilitating the decision-making process for security issues.
"Five Simple Steps to a Secure Network Infrastructure," another network security session, explores the ways a network infrastructure can expose an organization to undue risk, how to plug gaps in security, and methods for obtaining the maximum security from a limited budget. The session will also cover high-risk assets, different types of security assessments, how to determine what assets are most valuable to an organization, and five steps toward a secure network infrastructure.
Wireless LAN Standards
This table provides quick information on wireless LAN (local area network) standards, such as IEEE 802.11, Bluetooth, and HomeRF. It lists data rates, modulation schemes, and security types. These, in turn, link to more detailed explanations of each characteristic. For example, the table identifies FHSS as one of the 802.11 standard's modulation scheme; if you follow the FHSS link, the new page will define frequency-hopping spread spectrum modulation.
Digging into Data Mining
Predictive Data Mining: A Practical Guide, Sholom M. Weiss and Nitin Indurkhya. This guide shows how data mining works and its appeal to financial, manufacturing, marketing, and health care organizations.
Case studies offer descriptions from owners of retail dot-com sites; they discuss what makes their companies successful and offer advice. The authors use e-facts throughout the book to provide demographics and statistics related to e-commerce.
The book explores the data-mining process and shows how to prepare data for manageability. It points out how the analysis of mined data can range from simply adding up scores for selected features to statistical analysis to even neural networks analyses.
In focusing on the preparation and organization of data, the authors also discuss how to develop an overall strategy for data mining. They summarize sophisticated prediction methods that search for patterns in big data and how to accurately estimate the future performance of proposed solutions. Real-world case studies illustrate the data-mining process and its potential pitfalls.
Morgan Kaufmann; ISBN 1-55860-403-0; 228 pp.; $31.65.
Business Process Management
22-23 September 2005
Cochaired by Janelle Hill of Gartner and Brett Champlin of the Association for Business Process Management Professionals (ABPMP), BrainStorm's Business Process Management Conference series will provide insight to business and IT workers looking to apply process thinking to business processes for organizations.
Attendees can participate in one-on-one brainstorming sessions—a paid registration includes three 20 minute meetings with analysts and selected presenters.
Additional attendee benefits include complimentary membership to the BPMInstitute.org in 2005, an attendee list, issues of industry publications, access to post-event sessions at BrainStormU.com, and research reports from analyst partners. Extended educational sessions detail technology advancements, best-of-breed solutions, and trends in business process management.
Business professional topics include enterprise BPM, business drivers, BPM and performance management, process analysis and design, and business process modeling. Technology professional topics include business rules, BPM standards, service-oriented architecture, governance, and compliance.
Business Intelligence Pipeline
As part of the TechWeb Business Technology Network, this site offers links to news, trends, how-tos, a product finder, analysis/reporting, integration, data sources, and business process management.
They cover topics such as labor management, process automation, process management, process modeling, and supply chain automation. Techwebcasts in some sections cover both editorial and vendor perspectives. Visitors can sign up for a free e-mail newsletter or browse a blog in the trends section; recent topics include databases, training, and marketing.
DM Review Magazine
Now in its 15th year, DM Review delivers editorial written for corporate executives and IT managers. The main page contains links to recent industry news and a sidebar of links will take visitors to resource portals covering business intelligence, compliance, customer data integration, data integration, data quality, data and warehousing basics. The Business Intelligence Portal (sponsored by Neteeza), contains white papers, books, and other resources. Certain parts of the Web site require registration to access, and current and past issues of the magazine are viewable online for free. Qualified visitors can also subscribe to the publication in hard copy form for free.
DCI's Business Intelligence and Data Warehousing Conference
27-29 September 2005
The focus of this event is best practices in the fields of business intelligence, data warehousing, and performance management. It targets several levels, from CIOs to business intelligence managers, integrators, technical analysts, programmers, and IT consultants.
Attendees can help develop a roadmap to implement business intelligence, data warehousing, and business process management strategies; learn how to provide individuals in an organization with access to relevant, timely and accurate information; and prioritize IT investments. The conference sessions also cover the role, value, and impact of executive dashboards, strategy maps, and balanced scorecards.
The Designing Effective Solutions track emphasizes the steps and processes for collecting functional requirements for practical technical architectures that support business needs for information. Presentations in this track focus on best practices for developing an enterprise information management strategy, conducting a readiness assessment, gathering functional requirements, performing an information gap analysis, and evaluating technical architectures.
Another track at the conference is Managing and Developing Solutions. Designed for individuals who want to understand techniques and approaches for managing and developing technology solutions, this track focuses on best practices for managing projects and defining project team characteristics.
Adding Value through Information
Business Intelligence in the Digital Economy, Mahesh Raisinghani. This book describes business intelligence, how companies are conducting and managing it, and its major opportunities, limitations, issues, and risks.
The author also examines global technological change and business intelligence . He contends that during the transition to business intelligence, information does not merely add efficiency to the transaction, but also adds value. Companies that can leverage the speed and ubiquity of digital communications will have an advantage.
A faculty member at the Graduate School of Management, University of Dallas, the author teaches MBA courses in information systems and e-business, and serves as program director of e-business.
Idea Group Publishing; ISBN 1-591-40280-8; 350 pp.; $64.95.
Just the Facts on Decision Support Systems
Decision Support Systems: Frequently Asked Questions, Daniel J. Power. The author of this book has spent almost 30 years building, studying, and teaching others about computerized decision support systems. As editor of DSSResources.com, he can track a broad range of contemporary DSS topics.
In this book, the author answers 83 frequently asked questions about computerized decision support systems. It covers contemporary topics, organizing questions into eight chapters, answering the following questions along the way: What is a DSS? What type of DSS is appropriate Does data modeling differ for a data-driven DSS? Is a data warehouse a DSS? What is a cost estimation DSS? What is a spreadsheet-based DSS?
The book targets IT specialists, students, professors, and managers.
iUniverse, Inc.; ISBN 0-595-33971-9; 252 pp.; $20.95.
Guide for a CxO
The Executive Guide to Information Security: Threats, Challenges, and Solutions, Mark Egan and Tim Mather. This book offers business leaders realistic, step-by-step recommendations for evaluating and improving information security in any enterprise. From start to finish, the focus is on action: what works and how to get it done. Whether you're a CxO, a line-of-business executive, or an IT executive who needs to get colleagues up to speed, this book offers a nontechnical, business-driven security briefing that includes understanding your security challenges and obligations, trends in security attacks, systematically identifying your risks and vulnerabilities, and effective executive leadership, governance, and metrics.
Addison-Wesley Professional; http://www.awprofessional.com/symantecpress; ISBN 0-32-130451-9; 288 pp.; $34.99.
Focusing on Files
File System Forensic Analysis, Brian Carrier. The author begins with an summary of investigation and computer foundations and goes on to provide an authoritative, comprehensive, and illustrated overview of contemporary volume and file systems, including crucial information for discovering hidden evidence, recovering deleted data, and validating your tools. Along the way, the book describes data structures, analyzes example disk images, provides advanced investigation scenarios, and uses today's most valuable open source file system analysis tools.
Addison-Wesley Professional; ISBN 0-321-26817-2; 569 pp.; $49.99.
Computer Forensics: Computer Crime Scene Investigation, Second Edition, John R. Vacca. This updated book and CD package provides a complete overview of computer forensics from information security issues to crime scene investigation, seizure of data, determining the "fingerprints" of the crime, and tracking down the criminals. The companion CD contains demos of the latest computer forensics software.
The author provides numerous exercises, case studies, and vignettes of actual crimes that enhance the topics under discussion and provide the reader with solutions to computer crime in the real world.
Charles River Media, Inc; ISBN 1-58450-389-0; 600 pp.; $49.95.
Computer Forensics World
Computer Forensics World is a growing community of professionals involved in the forensics industry. As an open resource that is free to all, Computer Forensics World strongly encourages the sharing of information and peer-to-peer assistance. Among other resources, the community offers a range of interactive facilities, including surveys, forums and posting areas for information and papers.
InfoSec Institute: Information Security Training
The InfoSec Institute was founded in 1998 by a group of information security instructors who wanted to build a business by offering the best possible training experience for students. Unlike other training companies that have been founded by nontechnical business people, the InfoSec Institute deeply understands the needs of today's IT professionals and has positioned itself to offer world- class training. Its wide range of security-specific classes help a diverse group of customers get the training they need. Customers include the Central Intelligence Agency, Verizon, Microsoft, and many others.