The Definitive Resource on Information and Computer Security

EDITED BY HOSSEIN BIDGOLI, CALIFORNIA STATE UNIVERSITY, BAKERSFIELD, CALIFORNIA

This definitive 3-volume Handbook offers coverage of both established and cutting-edge theories and developments on information and computer security. Among industries expected to become increasingly dependent upon the information and computer security and active in understanding the many issues surrounding this important and fast growing field are: government agencies, military, education, libraries, health, medical, law enforcement, accounting firms, law firms, justice, manufacturing, financial services, insurance, communications, transportation, aerospace, energy, biotechnology and utilities.

Volume I: Key Concepts, Infrastructure, Standards and Protocols
Volume II: Information Warfare, Social, Legal, and International Issues and Security Foundations
Volume III: Threats, Vulnerabilities, Prevention, Detection and Management Contents

SPECIAL PRE-PUB OFFER!
Individual volumes: $250 each through 1/31/06; $300 thereafter
Three-volume set: $750 each through 1/31/06; $900 thereafter

“The Handbook of Information Security is . . . a must have reference!”
—Donn B. Parker, CISSP, Author and retired Senior Information Systems Management Consultant



Cutting-edge topics

Chapter-at-a-glance for your convenience

Detailed reference guide

Illustrations throughout

Easy-to-read typeface

KEY FEATURES:

■ The Handbook provides researchers and managers with solid coverage of the core technologies and applications in the information security field.

■ Articles in the Handbook have been rigorously peer-reviewed by more than 1,000 experts chosen from around the world.

■ Includes more than 200 articles from over 200 leading experts.

■ Each article follows a unique format including Title and Author, Glossary, Abstract, Introduction, Body, Conclusion, Cross-references, and Bibliography. This unique format helps readers pick and choose various sections of an article and also creates consistency throughout the entire series.

CONTRIBUTORS FROM AROUND THE WORLD...
Australia, Austria, Canada, China, France, Germany, Hungary, Italy, United Kingdom, United States

I

SPECIAL PRE-PUB OFFER!

INDIVIDUAL VOLUMES $250 EACH THROUGH 1/31/06; $300 THEREAFTER
Volume 1: Key Concepts, Infrastructure, Standards and Protocols (0-471-64830-2)
Volume 2: Information Warfare, Social, Legal, and International Issues and Security Foundations (0-471-64831-0)
Volume 3: Threats, Vulnerabilities, Prevention, Detection and Management (0-471-64832-9)

THREE VOLUME SET $750 THROUGH 1/31/06; $900 THEREAFTER
Handbook of Information Security, 3 volumes (0-471-64833-7)

Part 1: Key Concepts and Applications Related to Information Security

Internet Basics
Hossein Bidgoli, California State University, Bakersfield

Digital Economy
Nirvikar Singh, University of California, Santa Cruz

Online Retail Banking: Security Concerns, Breaches and Controls
Kent Belasco, First Midwest Bank, Itasca, IL
Siaw-Peng Wan, Elmhurst College

Digital Libraries: Security and Preservation Considerations
Cavan McCarthy, Louisiana State University

E-Mail and Instant Messaging
Bhagyavati, Columbus State University

Internet Relay Chat
Paul L. Witt, Texas Christian University

Online Communities
Lee Sproull, New York University

Groupware: Risks, Threats and Vulnerabilities in the Internet Age
Pierre Balthazard, Arizona State University
John Warren, University of Texas, San Antonio

Search Engines: Security, Privacy and Ethical Issues
Raymond Wisman, Indiana University Southeast

Web Services
Akhil Sahai, Hewlett-Packard Laboratories, Palo Alto, CA
Sven Graupner, Hewlett-Packard Laboratories, Palo Alto, CA
Wooyoung Kim, University of Illinois, Urbana-Champaign

Electronic Commerce
Charles Steinfield, Michigan State University

EDI Security
Matthew K. McGowan, Bradley University

Electronic Payment Systems
Indrajit Ray, Colorado State University

Intranets: Principals, Privacy and Security Considerations
William T. Schiano, Bentley College

Extranets: Applications, Development, Security and Privacy
Stephen W. Thorpe, Neumann College

Business-to-Business Electronic Commerce
Julian J. Ray, University of Redlands

Click-and-Brick Electronic Commerce
Charles Steinfield, Michigan State University

Mobile Commerce
Vijay Atluri, Rutgers University

E-Education and Information Privacy and Security
William K. Jackson, Southern Oregon University

Security in E-Learning
Edgar R. Weippl, Vienna University of Technology, Vienna, Austria

E-Government
Shannon Schelin, The University of North Carolina, Chapel Hill
G. David Garson, North Carolina State University

E-Government Security Issues and Measures
William C. Barker, National Institute of Standards and Technology

International Security Issues of E-Government
Karin Geiselhart, University of Canberra, Australia

Part 2: Infrastructure for the Internet, Computer Networks and Secure Information Transfer

Conducted Communications Media
Thomas L. Pigg, Jackson State Community College

Routers and Switches
Hans-Peter Dommel, Santa Clara University

Radio Frequency and Wireless Communications Security
Okechukwu Ugweje, The University of Akron

Wireless Channels
P. M. Shankar, Drexel University

Security in Circuit, Message and Packet Switching
Robert H. Greenfield, Computer Consulting
Daryle P. Niedermayer, CGI Group Inc.

Digital Communication
Robert W. Heath Jr., The University of Texas, Austin
Atul A. Salvekar, Intel Corporation
William Bard, The University of Texas, Austin

Local Area Networks
Wayne C. Summers, Columbus State University

Wide Area and Metropolitan Area Networks
Lynn A. DeNoia, Rensselaer Polytechnic Institute

Home Area Networking
Sherali Zeadally, Wayne State University
Priya Kubher, Wayne State University
Nadeem Ansari, Wayne State University

Public Network Technologies and Security
Dale R. Thompson, University of Arkansas
Amy W. Apon, University of Arkansas

Client/Server Computing: Principles and Security Considerations
Daniel J. McFarland, Rowan University

Peer-to-Peer Security
Allan Friedman, Harvard University
L. Jean Camp, Harvard University

Security Middleware
Linda Volonino, Canisius College
Richard P. Volonino, Canisius College

Internet Architecture
Graham Knight, University College, London, UK

TCP/IP Suite
Prabhaker Mateti, Wright State University

Voice over Internet Protocol (VoIP)
Roy Morris, Capitol College

Security and Web Quality of Service
Tarek F. Abdelzhaer, University of Virginia
Chengdu Huang, University of Virginia

Mobile Devices and Protocols
Min Song, Old Dominion University

Bluetooth Technology
Brent A. Miller, IBM Corporation

Wireless Local Area Networks
Mohammad S. Obaidat, Monmouth University
G. I. Papadimitriou, Aristotle University, Greece
S. Obeidat, Arizona State University

Security in Wireless Sensor Networks
Mohamed Eltoweissy, Virginia Tech
Stephan Olariu, Old Dominion University
Ashraf Wadaa, Old Dominion University

Cellular Networks
Jingyuan Zhang, The University of Alabama
Ivan Stojmenovic, University of Ottawa, Ottawa, Ontario

Mobile IP
M. Farooque Mesiya, Rensselaer Polytechnic Institute

IP Multicast and its Security
Emilia Rosti, Università degli Studi di Milano, Italy

TCP over Wireless Links
Mohsen Guizani, Western Michigan University
Anupama Raju, Western Michigan University

Air-Interface Requirements for Mobile Data Services
Harald Haas, International University Bremen (IUB), Germany

Wireless Internet
Abbas Jamalipour, University of Sydney, Australia

Security for Satellite Networks
Michele Luglio, University of Rome Tor Vergata, Italy
Antonio Saitto, Telespazio, Italy

Security of Broadband Access Networks
Peter L. Heinzmann, University of Applied Sciences, Eastern Switzerland

Ad hoc Network Security
Pietro Michiardi, Institut Eurecom, France
Refik Molva, Institut Eurecom, France

Part 3: Standards and Protocols for Secure Information Transfer

Standards for Product Security Assessment
István Zsolt Berta, Budapest University of Technology and Economics, Hungary
Levente Buttyán, Budapest University of Technology and Economics, Hungary
István Vajda, Budapest University of Technology and Economics, Hungary

Digital Certificates
Albert Levi, Sabanci University, Turkey

Internet E-Mail Architecture
Robert Gezelter, Software Consultant

PKI (Public Key Infrastructure)
Radia Perlman, Sun Microsystems Laboratories

S/MIME (Secure MIME)
Steven J. Greenwald, Independent Information Security Consultant

PGP (Pretty Good Privacy)
Stephen A. Weis, Massachusetts Institute of Technology

SMTP (Simple Mail Transfer Protocol)
Vladimir V. Riabov, Rivier College

Internet Security Standards
Raymond R. Panko, University of Hawaii, Manoa

Kerberos
William Stallings, Independent Consultant

IPsec: AH (Authentication Header) and ESP (Encapsulating Security Payload)
Amel Meddeb, National Digital Certification Agency and University of Carthage, Tunisia
N. Boudriga, National Digital Certification Agency and University of Carthage, Tunisia
Mohammad S. Obaidat, Monmouth University

IPsec: IKE (Internet Key Exchange)
Charlie Kaufman, Microsoft Corporation

Secure Sockets Layer (SSL)
Robert J. Boncella, Washburn University

PKCS (Public-Key Cryptography Standards)
Yongge Wang, University of North Carolina, Charlotte

Secure Shell (SSH)
Xukai Zou, Purdue University

Security and the Wireless Application Protocol (WAP)
Lillian N. Cassel, Villanova University
Cynthia Pandolfo, Villanova University

Wireless Network Standards and Protocol (802.11)
Prashant Krishnamurthy, University of Pittsburgh

P3P (Platform for Privacy Preferences Project)
Lorrie Faith Cranor, Carnegie Mellon University

Volume I: Key Concepts, Infrastructure, Standards and Protocols


II

Part 1: Information Warfare

Cybercrime and the U.S. Criminal Justice System
Susan W. Brenner, University of Dayton

Cyberterrorism and Information Security
Charles Jaeger, Southern Oregon University

Online Stalking
David J. Loundy, DePaul University

Electronic Attacks
Thomas M. Chen, Southern Methodist University
Matthew C. Elder, Symantec Corporation
Jimi Thompson, Southern Methodist University

Wireless Information Warfare
Randall K. Nichols, The George Washington University

Computer Network Operations (CNO)
Andrew Blyth, University of Glamorgan, UK

Electronic Protection
Neil C. Rowe, Naval Postgraduate School

Information Assurance
Peng Liu, Pennsylvania State University
Meng Yu, Monmouth University
Jiwu Jing, Chinese Academy of Sciences, Beijing, China

Part 2: Social and Legal Issues

The Legal Implications of Information Security: Regulatory Compliance and Liability
Blaze D. Waleski, Fulbright & Jaworski L.L.P.

Hackers, Crackers and Computer Criminals
David Dittrich, University of Washington
Kenneth Einar Himma, Seattle Pacific University

Hacktivism
Paul A. Taylor, University of Leeds, UK
Jan Li. Harris, Salford University, UK

Corporate Spying: The Legal Aspects
William A. Zucker, Gadsby Hannah LLP
Scott Nathan, Independent Consultant

Law Enforcement and Computer Security Threats and Measures
Mathieu Deflem, University of South Carolina
J. Eagle Shutt, University of South Carolina

Combating the Cyber Crime Threat: Developments in Global Law Enforcement
Roderic Broadhurst, University of Hong Kong, Hong Kong

Digital Identity
Drummond Reed, OneName Corporation
Jerry Kindall, Epok, Inc.

Digital Divide
Jaime J. Davila, Hampshire College

Legal, Social and Ethical Issues of the Internet
Kenneth Einar Himma, Seattle Pacific University

Anonymity and Identity on the Internet
Jonathan Wallace, Independent Consultant

Spam and the Legal Counter Attacks
Charles Jaeger, Southern Oregon University

Cyberlaw: The Major Areas, Development and Information Security Aspects
Dennis M. Powers, Southern Oregon University

Global Aspects of Cyberlaw
Julia Alpert Gladstone, Bryant College

Privacy Law and the Internet
Ray Everett-Church, PrivacyClue LLC

Internet Censorship
Richard A. Spinello, Boston College

Copyright Law
Randy Canis, Greensfelder, Hemker & Gale, P.C.

Patent Law
Gerald Bluhm, Tyco Fire & Security

Trademark Law and the Internet
Ray Everett-Church, PrivacyClue LLC

Online Contracts
G.E. Evans, Queen Mary University of London Intellectual Property Research Institute, UK

Electronic Speech
Seth Finkelstein, Consulting Programmer

Software Piracy
Robert K. Moniot, Fordham University

Internet Gambling
Susanna Frederick Fischer, The Catholic University of America

The Digital Millennium Copyright Act
Seth Finkelstein, Consulting Programmer

Digital Courts, the Law and Evidence
Robert Slade, Independent Consultant, Canada

Part 3: Foundations of Information, Computer and Network Security

Encryption Basics
Ari Juels, RSA Laboratories

Symmetric-Key Encryption
Jonathan Katz, University of Maryland

Data Encryption Standard (DES)
Mike Speciner, Independent Consultant

The Advanced Encryption Standard
Duncan A. Buell, University of South Carolina

Hashes and Message Digests
Magnus Daum, Ruhr University Bochum, Germany
Hans Dobbertin, Ruhr University Bochum, Germany

Number Theory for Information Security
Duncan A. Buell, University of South Carolina

Public-Key Algorithms
Bradley S. Rubin, University of St. Thomas

Elliptic Curve Cryptography
Nigel Smart, University of Bristol, UK

IBE (Identity-Based Encryption)
Craig Gentry, DoCoMo USA Labs

Cryptographic Protocols
Markus Jakobsson, Indiana University, Bloomington

Quantum Cryptography
G. Massimo Palma, Università degli Studi di Milano, Italy

Key Lengths
Arjen K. Lenstra, Lucent Technologies and Technische Universiteit Eindhoven, USA

Key Management
Xukai Zou, Purdue University
Amandeep Thukral, Purdue University

Secure Electronic Voting Protocols
Helger Lipmaa, Cybernetica AS (Estonia), Finland

Digital Evidence
Robin C. Stuart, Digital Investigations Consultant

Digital Watermarking and Steganography
M. A. Suha, University of Bradford, UK
B. Sadoun, Al-Balqà Applied University, Jordan
Mohammad S. Obaidat, Monmouth University

Law Enforcement and Digital Evidence
J. Philip Craiger, University of Central Florida
Mark Pollitt, DigitalEvidencePro
Jeff Swauger, University of Central Florida

Forensic Computing
Mohamed Hamdi, National Digital Certification Agency, Tunisia
Noureddine Boudriga, National Digital Certification Agency, Tunisia
Mohammad S. Obaidat, Monmouth University

Computer Forensic Procedures and Methods
J. Philip Craiger, University of Central Florida

Computer Forensics: Computer Media Reviews in Classified Government Agencies
Michael R. Anderson, New Technologies, Inc.

Forensic Analysis of Unix Systems
Dario V. Forte, University of Milan, Crema, Italy

Forensic Analysis of Windows Systems
Steve J. Chapin, Syracuse University
Chester J. Maciag, Air Force Research Laboratory

Operating System Security
William Stallings, Independent Consultant

Unix Security
Mark Shacklette, The University of Chicago

Linux Security
A. Justin Wilder, Information Technology Agency

OpenVMS Security
Robert Gezelter, Software Consultant

Windows 2000 Security
E. Eugene Schultz, University of California-Berkeley Lab

Software Development and Quality Assurance
Pascal Meunier, Purdue University

The Common Criteria
John P. McDermott, Naval Research Laboratory

Volume II: Information Warfare, Social, Legal, and International Issues and Security Foundations

ABOUT THE EDITOR-IN-CHIEF:

HOSSEIN BIDGOLI, PHD, is Professor of Management Information Systems at California State University, Bakersfield. Dr. Bidgoli helped set up the first PC lab in the United States. He is the author of 43 textbooks, 28 manuals, and over five dozen technical articles and papers on various aspects of computer applications, e-commerce, and information systems security published and presented throughout the world. Dr. Bidgoli also serves as the editor-in-chief of the Internet Encyclopedia and Encyclopedia of Information Systems. Dr. Bidgoli was selected as California State University, Bakersfield’s 2001-2002 Professor of the Year.

“This book is a ‘must-have’ for anyone practicing or researching any aspect of computer security.”—Aviel D. Rubin, Professor, Computer Science, Johns Hopkins University; Technical Director, Information Security Institute; President, Independent Security Evaluators LLC


III

Part 1: Threats and Vulnerabilities to Information and Computing Infrastructures

Internal Security Threats
Marcus K. Rogers, Purdue University

Physical Security Threats
Mark Michael, King’s College

Fixed-Line Telephone System Vulnerabilities
Mak Ming Tak, Hong Kong University of Science and Technology, Hong Kong
Xu Yan, Hong Kong University of Science and Technology, Hong Kong
Zenith Y.W. Law, JustSolve Consulting, Hong Kong

E-Mail Threats and Vulnerabilities
David Harley, Open University, UK

E-Commerce Vulnerabilities
Sviatoslav Braynov, University of Illinois, Springfield

Hacking Techniques in Wired Networks
Qijun Gu, Pennsylvania State University
Peng Liu, Pennsylvania State University
Chao-Hsien Chu, Pennsylvania State University

Hacking Techniques in Wireless Networks
Prabhaker Mateti, Wright State University

Computer Viruses and Worms
Robert Slade, Independent Consultant, Canada

Trojan Horse Programs
Adam Young, Cigital, Inc.

Hoax Viruses and Virus Alerts
Robert Slade, Independent Consultant, Canada

Hostile Java Applets
David Evans, University of Virginia

Spyware
Tom S. Chan, Southern New Hampshire University

Mobile Code and Security
Song Fu, Wayne State University
Cheng-Zhong Xu, Wayne State University

Wireless Threats and Attacks
Robert J. Boncella, Washburn University

WEP Security
Nikita Borisov, University of California, Berkeley

Bluetooth Security
Susanne Wetzel, Stevens Institute of Technology

Cracking WEP
Pascal Meunier, Purdue University

Denial of Service Attacks
E. Eugene Schultz, University of California-Berkeley Lab

Network Attacks
Edward Amoroso, AT&T Laboratories

Fault Attacks
Hamid Choukri, Gemplus & University of Bordeaux, France
Michael Tunstall, Gemplus & Royal Holloway University, France

Side-Channel Attacks
Pankaj Rohatgi, IBM Corporation

Part 2: Prevention: Keeping the Hackers and Crackers at Bay

Physical Security Measures
Mark Michael, King’s College

RFID and Security
Stephen A. Weis, Massachusetts Institute of Technology

Cryptographic Privacy Protection Techniques
Markus Jakobsson, Indiana University, Bloomington

Cryptographic Hardware Security Modules
Nicko van Someren, nCipher Corporation, UK

Smart Card Security
Michael Tunstall, Gemplus & Royal Holloway University, France
Sebastien Petit, Gemplus, France
Stephanie Porte, Gemplus, France

Client-Side Security
Charles Border, Rochester Institute of Technology

Server-Side Security
Slim Rekhis, National Digital Certification Agency, and University of Carthage, Tunisia
Noureddine Boudriga, National Digital Certification Agency, and University of Carthage, Tunisia
Mohammad S. Obaidat, Monmouth University

Protecting Web Sites
Dawn Alexander, University of Maryland
April Giles, Independent Consultant

Database Security
Michael Gertz, University of California, Davis
Arnon Rosenthal, The MITRE Corporation

Medical Records Security
Normand M. Martel, Medical Technology Research Corp.

Access Control: Principles and Solutions
S. De Capitani di Vimercati, Università di Milano, Italy
S. Paraboschi, Università di Bergamo, Italy
Pierangela Samarati, Università di Milano, Italy

Password Authentication
Jeremy L. Rasmussen, Sypris Electronics, LLC

Computer and Network Authentication
Patrick McDaniel, Pennsylvania State University

Antivirus Technology
Matthew Schmid, Cigital, Inc.

Biometric Basics and Biometric Authentication
James L. Wayman, San Jose State University

Issues and Concerns in Biometric IT Security
Philip Statham, UK Government Biometrics Working Group, UK

Firewall Basics
James E. Goldman, Purdue University

Firewall Architectures
James E. Goldman, Purdue University

Packet Filtering and Stateful Firewalls
Avishai Wool, Tel Aviv University, Israel

Proxy Firewalls
John D. McLaren, Murray State University

E-Commerce Safeguards
Mark S. Merkow, University of Phoenix

Digital Signatures and Electronic Signatures
Raymond R. Panko, University of Hawaii, Manoa

E-Mail Security
Jon Callas, PGP Corporation

Security for ATM Networks
Thomas D. Tarman, Sandia National Laboratories

VPN Basics
G. I. Papadimitriou, Aristotle University, Greece
Mohammad S. Obaidat, Monmouth University
C. Papazoglou, Aristotle University, Greece
A.S. Pomportsis, Aristotle University, Greece

VPN Architecture
Stan Kurkovsky, Columbus State University

IP-Based VPN
David E. McDysan, MCI Corporation

Identity Management
John Linn, RSA Laboratories

Use of Deception Techniques: Honeypots and Decoys
Fred Cohen, University of New Haven

Active Response to Computer Intrusions
David Dittrich, University of Washington
Kenneth Einar Himma, Seattle Pacific University

Part 3: Detection, Recovery, Management and Policy Considerations

Intrusion Detection Systems Basics
Peng Ning, North Carolina State University
Sushil Jajodia, George Mason University

Host-Based Intrusion Detection Systems
Giovanni Vigna, University of California, Santa Barbara
Christopher Kruegel, Technical University, Vienna, Austria

Network-Based Intrusion Detection Systems
Marco Cremonini, University of Milan, Italy

Use of Agent Technology for Intrusion Detection
Dipankar Dasgupta, The University of Memphis

Contingency Planning Management
Marco Cremonini, University of Milan, Italy
Pierangela Samarati, University of Milan, Italy

Computer Security Incident Response Teams (CSIRTs)
Raymond R. Panko, University of Hawaii, Manoa

Implementing a Security Awareness Program
K. Rudolph, Native Intelligence, Inc.

Risk Assessment for Risk Management
Rick Kazman, University of Hawaii, Manoa
Daniel N. Port, University of Hawaii, Manoa
David Klappholz, Stevens Institute of Technology

Security Insurance and Best Practices
Selahattin Kuru, Isik University, Turkey
Onur Ihsan Arsun, Isik University, Turkey
Mustafa Yıldız, Isik University, Turkey

Auditing Information Systems Security
S. Rao Vallabhaneni, SRV Professional Publications

Evidence Collection and Analysis Tools
Christopher L. T. Brown, Technology Pathways LLC

Information Leakage: Detection and Countermeasures
Phil Venables, Goldman Sachs

Digital Rights Management
Renato Iannella, IPR Systems, Italy

Web Hosting
Doug Kaye, IT Conversations

Managing a Network Environment
Jian Ren, Michigan State University

E-Mail and Internet Use Policies
Nancy J. King, Oregon State University

Forward Security: Adoptive Cryptography Time Evolution
Gene Itkis, Boston University

Security Policy Guidelines
Mohamed Hamdi, National Digital Certification Agency, Tunisia
Noureddine Boudriga, National Digital Certification Agency, Tunisia
Mohammad S. Obaidat, Monmouth University

The Asset-Security Goals Continuum: A Process for Security
Margarita Maria Lenk, Colorado State University

Multilevel Security
Richard E. Smith, University of St. Thomas

Multilevel Security Models
Mark Stamp, San Jose State University
Ali Hushyar, San Jose State University

Security Architectures
Nicole Graf, University of Cooperative Education, Germany
Dominic Kneeshaw, Independent Consultant, Germany

Quality of Security Service: Adaptive Security
Timothy E. Levin, Naval Postgraduate School
Cynthia E. Irvine, Naval Postgraduate School
Evdoxia Spyropoulou, Technical Vocational Educational School of Computer Science of Halandri, Greece

Security Policy Enforcement
Cynthia E. Irvine, Naval Postgraduate School

Guidelines for a Comprehensive Security System
Hossein Bidgoli, California State University, Bakersfield

Volume III: Threats, Vulnerabilities, Prevention, Detection and Management Contents

John Wiley & Sons
111 River Street
Hoboken, NJ 07030

ORDER FORM

SPECIAL PRE-PUBLICATION OFFER — SAVE WHEN YOU ORDER BY JANUARY 31, 2006

Shipping and handling, applicable taxes, sale items, subscriptions, supplements, electronic products and sets (unless otherwise noted), and Pfeiffer Annuals excluded. Offers cannot be combined for additional discounts. All orders must be paid in U.S. dollars. Prices subject to change. Free shipping, when offered, is available only within the 50 United States and only via UPS Ground. Free shipping to HI, AK, and PR is via 2-Day air. FOB SHIPPING POINTS: Somerset, NJ and Harrisonburg, VA.

SHIPPING CHARGES
Merchandise            Surface   2-Day    1-Day
First Item             $5.00     $10.50   $17.50
Each additional item   $3.00     $3.00    $4.00

SALES TAX
Add appropriate sales tax. FED TAX ID 135593032. Tax-Exempt Institutions: All orders must be placed by phone, fax, or mail with a copy of your tax-exemption certificate. When ordering, please specify your valid promotion code to receive any applicable discount.

DELIVERY
Orders shipped via “Surface” will normally arrive within 7-10 business days. Orders shipped via “2-Day” will normally arrive within 2-3 business days of placement of order via telephone. Orders shipped via “1-Day” will normally arrive within 1-2 business days from placement of order via telephone (before 1:00pm EST). All orders are subject to credit review. Alaska, Hawaii, Puerto Rico, and other U.S. Protectorates orders will be shipped via “2-Day Air.”

PAYMENT METHOD (all payments must be in US Dollars):

Payment Enclosed: ❑ VISA ❑ MC ❑ AMEX ❑ DISCOVER ❑ CHECK/MONEY ORDER

Card # _____________________________________________________ Exp. Date ______/______/______

Cardholder Name __________________________________________________________________________

Authorized Signature ______________________________________________________________________

❑ Bill My Company (for organizations only). A valid purchase order number and telephone number are required. For orders over $500.00, a hard copy of the purchase order must accompany your order. Billed orders will include shipping charges. Billed orders in U.S. currency only.

Purchase Order # __________________________________________________________________________

CUSTOMER INFORMATION

Name / Title ____________________________________________________________________________

Organization ____________________________________________________________________________

Address ________________________________________________________________________________
(Please note we cannot ship to post office boxes)

City/State/Zip __________________________________________________________________________

Telephone: ____________________________ Email: ____________________________
(required on all orders in case of inquiry)

SHIP TO (if different from Customer Information):

Name / Title ____________________________________________________________________________

Company Name (if applicable) __________________________________________________________________________

Address ________________________________________________________________________________________________

City/State/Zip __________________________________________________________________________________________

MAIL TO: John Wiley & Sons, Inc., Attn: M. Patterson, 111 River Street, Hoboken, NJ 07030

TO ORDER BY PHONE: 1-877-762-2974

PROMO CODE 54001


ORDER AMOUNT ___________

SHIPPING CHARGES ___________

SALES TAX ___________

TOTAL ENCLOSED ___________

INDIVIDUAL VOLUMES

❑ Volume 1: Key Concepts, Infrastructure, Standards and Protocols (0-471-64830-2) $300.00 / $250.00 ___________

❑ Volume 2: Information Warfare, Social, Legal, and International Issues and Security Foundations (0-471-64831-0) $300.00 / $250.00 ___________

❑ Volume 3: Threats, Vulnerabilities, Prevention, Detection and Management (0-471-64832-9) $300.00 / $250.00 ___________

THREE VOLUME SET

❑ Handbook of Information Security (0-471-64833-7) $900.00 / $750.00 ___________

Other works by Dr. Bidgoli include the best-selling and award-winning three-volume The Internet Encyclopedia (0-471-22201-1, December 2003, $750)