This edited book discusses a very wide range of topics related to information security, which de Leeuw (following Jones, Kovacovich and Luzwick, 2002) defines as “the protection of information and information systems against unauthorized access or modification of information”. Information security is includes legal, social, computational and technical constraints built into information systems to assure that these systems are not used improperly.
The book contains 29 chapters divided into six parts. The first part is about intellectual ownership and discusses the history of scientific publishing, patent law, software patents, and copyright protection of different media and software. The second part focuses on identity management, introduces basic concepts, provides a history of the security of banknotes and describes different of identification techniques for people including automatic identification systems based on biometrics.
The third and the fourth parts concentrate on communication and computer security respectively. The third part has several chapters on the history of European cryptology, from the Renaissance through the second world war and the cold war. The US is represented in the chapter on the National Security Agency. The last chapter in this part is the most technical one, providing an introduction to cryptographic algorithms, both symmetric (like DES) and asymmetric (public‐key) systems. Part 4 discusses formal security models, security through transparency and IT auditing. In addition it provides a history of computer security standards, a history of internet security and computer crime.
The fifth part deals with privacy and regulations regarding the export of cryptography that were enforced by the US until the end of the twentieth century. Privacy is “the right to be left alone”, and the need to protect privacy contradicts the need for surveillance. The last part consists of a single chapter discussing information warfare – operations that exploit the vulnerabilities of communication and information systems.
Each chapter contains a large number of references. The chapters are well written and provide extensive historical information on different aspects of information security. This book will be a valuable asset for academic libraries and for researchers interested in the history of information security. Because of the multidisciplinary nature of the chapters, the book will be of interest to information, computer and social scientists, legal professionals, historians and policy makers.
