Atjaunināt sīkdatņu piekrišanu

RFID: Applications, Security, and Privacy [Hardback]

2.67/5 (12 ratings by Goodreads)
,
  • Formāts: Hardback, 608 pages, height x width x depth: 182x243x27 mm, weight: 1052 g
  • Izdošanas datums: 21-Jul-2005
  • Izdevniecība: Addison-Wesley Educational Publishers Inc
  • ISBN-10: 0321290968
  • ISBN-13: 9780321290960
Citas grāmatas par šo tēmu:
RFID: Applications, Security, and PrivacyPalielināt
  • Formāts: Hardback, 608 pages, height x width x depth: 182x243x27 mm, weight: 1052 g
  • Izdošanas datums: 21-Jul-2005
  • Izdevniecība: Addison-Wesley Educational Publishers Inc
  • ISBN-10: 0321290968
  • ISBN-13: 9780321290960
Citas grāmatas par šo tēmu:
Permanent link: https://www.kriso.lv/db/9780321290960.html
Keywords:
RFID is the first important technology of the twenty-first century. Thats an awesome responsibility. How can we know when and how RFID is being used? How can we make sure it is not misused? How can we exercise choice over how it affects us personally? How do we ensure it is safe? This book is a valuable contribution to the ongoing effort to find the answers. From the Foreword by Kevin Ashton, cofounder and former executive director, Auto-ID Center; vice president, ThingMagic CorporationRadio frequency identification (RFID) technology is rapidly becoming ubiquitous as businesses seek to streamline supply chains and respond to mandates from key customers. But RFID and other new wireless ID technologies raise unprecedented privacy issues. RFID: Applications, Security, and Privacy covers these issues from every angle and viewpoint.

Award-winning technology journalist and privacy expert Simson Garfinkel brings together contributions from every stakeholder communityfrom RFID suppliers to privacy advocates and beyond. His contributors introduce todays leading wireless ID technologies, trace their evolution, explain their promise, assess their privacy risks, and evaluate proposed solutionstechnical, business, and political. The book also looks beyond RFID, reviewing the privacy implications of Wi-Fi, Bluetooth, smart cards, biometrics, new cell-phone networks, and the ever-evolving Internet. Highlights include





How RFID and other wireless ID technologies work RFID applicationsfrom gas stations and pharmacies to the twenty-first century battlefield RFID, privacy, and the lawin the United States and around the world RFID, security, and industrial espionage How Bluetooth and Wi-Fi can track individuals, with or without their permission Technical solutions to wireless ID privacy concernstheir values and limitations Stakeholder perspectives from EPCglobal, Inc., Gemplus, The Procter & Gamble Company, and other industry leaders The future of citizen activism on privacy issues

Clear, balanced, and accessible, this is the indispensable primer for everyone involved in RFID: businesses implementing or evaluating RFID; technology suppliers responding to user concerns; and policymakers and privacy advocates who want a deeper understanding of the technology and its implications.

Includes contributions from

AIM Global, Inc. CASPIAN Center for Democracy and Technology EPCglobal, Inc. The Galecia Group Gemplus IDAT Consulting & Education Institute for the Future Matrics, Inc. MIT Computer Science & Artificial Intelligence Laboratory MIT Media Laboratory OATSystems Privacy Journal The Privacy Rights Clearinghouse The Procter & Gamble Company RSA Laboratories UCLA Department of Geography Wayne State University Law School

Papildus informācija

RFID is the first important technology of the twenty-first century. Thats an awesome responsibility. How can we know when and how RFID is being used? How can we make sure it is not misused? How can we exercise choice over how it affects us personally? How do we ensure it is safe? This book is a valuable contribution to the ongoing effort to find the answers. From the Foreword by Kevin Ashton, cofounder and former executive director, Auto-ID Center; vice president, ThingMagic CorporationRadio frequency identification (RFID) technology is rapidly becoming ubiquitous as businesses seek to streamline supply chains and respond to mandates from key customers. But RFID and other new wireless ID technologies raise unprecedented privacy issues. RFID: Applications, Security, and Privacy covers these issues from every angle and viewpoint.

Award-winning technology journalist and privacy expert Simson Garfinkel brings together contributions from every stakeholder communityfrom RFID suppliers to privacy advocates and beyond. His contributors introduce todays leading wireless ID technologies, trace their evolution, explain their promise, assess their privacy risks, and evaluate proposed solutionstechnical, business, and political. The book also looks beyond RFID, reviewing the privacy implications of Wi-Fi, Bluetooth, smart cards, biometrics, new cell-phone networks, and the ever-evolving Internet. Highlights include





How RFID and other wireless ID technologies work RFID applicationsfrom gas stations and pharmacies to the twenty-first century battlefield RFID, privacy, and the lawin the United States and around the world RFID, security, and industrial espionage How Bluetooth and Wi-Fi can track individuals, with or without their permission Technical solutions to wireless ID privacy concernstheir values and limitations Stakeholder perspectives from EPCglobal, Inc., Gemplus, The Procter & Gamble Company, and other industry leaders The future of citizen activism on privacy issues

Clear, balanced, and accessible, this is the indispensable primer for everyone involved in RFID: businesses implementing or evaluating RFID; technology suppliers responding to user concerns; and policymakers and privacy advocates who want a deeper understanding of the technology and its implications.

Includes contributions from

AIM Global, Inc. CASPIAN Center for Democracy and Technology EPCglobal, Inc. The Galecia Group Gemplus IDAT Consulting & Education Institute for the Future Matrics, Inc. MIT Computer Science & Artificial Intelligence Laboratory MIT Media Laboratory OATSystems Privacy Journal The Privacy Rights Clearinghouse The Procter & Gamble Company RSA Laboratories UCLA Department of Geography Wayne State University Law School
Foreword xxi
Preface xxv
Acknowledgments xlvii
Part I Principles
1(176)
Automatic Identification and Data Collection: What the Future Holds
3(12)
Dan Mullen
Bert Moore
Introduction
3(1)
A Brief History of AIDC
4(2)
Bar Codes
4(1)
Magnetic Stripes and MICR
5(1)
Radio Frequency Identification
5(1)
The ``Industry'' That Isn't
6(1)
The Interconnected World
7(1)
Clear and Present Benefits
8(3)
Manufacturing
8(1)
Distribution and Inventory
8(1)
Retail
9(1)
Document Tracking
9(1)
Security
9(1)
Food Supplies
10(1)
Healthcare
10(1)
Future Applications
11(2)
Sensor-Enabled RFID
11(1)
Pharmaceutical Authenticity
11(1)
Product Authenticity
12(1)
Intelligent Items
12(1)
Data Exchange
12(1)
Conclusions
13(2)
Understanding RFID Technology
15(22)
Simson Garfinkel
Henry Holtzman
Introduction
15(1)
RFID Technology
15(12)
The Elements of an RFID System
16(7)
Coupling, Range, and Penetration
23(4)
RFID Applications
27(8)
Supply Chain Visibility and Inventory Management
27(2)
Implants
29(6)
VeriChip and Mark of the Beast
35(1)
Conclusions
35(2)
A History of the EPC
37(20)
Sanjay Sarma
Introduction
37(1)
The Beginning
37(3)
The Distributed Intelligent Systems Center
38(1)
Meanwhile, at Procter & Gamble
39(1)
A Mini-Lecture: The Supply Chain
40(1)
The Auto-ID Center
41(9)
The Cheap Tag
43(1)
``Low-Cost'' RFID Protocols
44(2)
``Low-Cost'' Manufacturing
46(1)
The Software and the Network
47(1)
Privacy
48(2)
Summary: The Ultimate Systems Problem
50(1)
Harnessing the Juggernaut
50(4)
The Six Auto-ID Labs
51(1)
The Evolution of the Industry
52(1)
The Creation of EPCglobal
53(1)
Conclusions
54(3)
RFID and Global Privacy Policy
57(26)
Stephanie Perrin
Introduction
57(1)
Definitions of Privacy
58(4)
Definitions of Personal Information
58(1)
History of Current Privacy Paradigm
59(3)
Mapping the RFID Discovery Process
62(3)
Functions and Responsibilities for Chips, Readers, and Owners
64(1)
Privacy as a Fundamental Human Right
65(4)
Constitutional Rights
68(1)
Privacy Through Data Protection Law and Fair Information Practices
69(11)
A Brief History of FIPS
69(2)
Accountability
71(1)
Responsibility in Individual RFID Scenarios
71(2)
Identifying Purposes
73(1)
Consent
74(1)
Limiting Collection
75(1)
Limiting Use, Disclosure, and Retention
75(1)
Accuracy
76(1)
Safeguards
77(3)
Challenging Compliance
80(1)
Conclusions
80(3)
RFID, Privacy, and Regulation
83(16)
Jonathan Weinberg
Introduction
83(1)
Some Current and Proposed RFID Applications
84(2)
Whither Item-Level Tagging?
86(2)
Understanding RFID's Privacy Threats
88(4)
Conclusions
92(7)
RFID and the United States Regulatory Landscape
99(38)
Doug Campbell
Introduction
99(2)
Current State of RFID Policy
101(4)
Individuals
103(1)
Business
103(1)
Government
104(1)
Miscellaneous
104(1)
RFID Policy Issues
105(6)
Privacy
105(3)
Integrity and Security of the System
108(1)
Government Access
108(1)
Health Impact
109(1)
Labor Impact
109(1)
Spectrum Conflicts
110(1)
Use of RFID Technology to Limit Product Functionality
110(1)
Government Versus Individual Context
111(3)
Business Versus Individual Context
114(5)
Policy Dialogue Dynamic
116(3)
Industry Leadership
119(1)
Options for Government Leadership
120(4)
Congress
120(2)
Federal Trade Commission
122(2)
Snapshot of Current Status
124(2)
Policy Prescriptions
126(4)
The Case for, and Limits of, EPCglobal Leadership
130(3)
Other Industry Alternatives?
131(1)
Current EPCglobal Policy
132(1)
Conclusions
133(4)
RFID and Authenticity of Goods
137(12)
Marlena Erdos
Introduction
137(1)
A Few Important Concepts in Authentication
138(2)
Authentication Involves Secret Data
138(1)
The ``Key Distribution'' Problem
139(1)
Stolen Keys and Revocation
139(1)
Comment on Authentication Costs
139(1)
Authenticity of Tags and Authenticity of Goods
140(1)
Authenticity of Goods and Anticounterfeiting Measures
141(3)
Injection of Counterfeit Goods into the Supply Chain: Two Scenarios
141(2)
How Authenticatable Tags Could Help
143(1)
Switching the Security Burden
143(1)
Authentication of Readers
144(1)
Authenticating Readers to Tags
144(1)
Authenticating Readers Within an Enterprise
145(1)
Authentication of Users Across the Supply Chain (Federation)
145(2)
Burden on System Administrators
146(1)
Burden on Users
146(1)
The Answer Is Federation
147(1)
Conclusions
147(2)
Location and Identity: A Brief History
149(14)
Michael Curry
Introduction
149(1)
Place and Identity in a World of Habits and Symbols
150(2)
Locational Technologies
152(5)
Ptolemy and the Development of Classified Space
152(2)
Getting Addressed
154(3)
Rethinking Identity: Beyond Traits and Names
157(3)
On RFID
160(1)
Conclusions
161(2)
Interaction Design for Visible Wireless
163(14)
Chris Noessel
Simona Brusa Pasque
Jason Tester
Introduction
163(1)
The Role of Interaction Design
164(1)
A Common Vocabulary
164(2)
Designing and Modifying WID Systems
166(10)
Disclosure at Read
166(4)
Disclosure of Use
170(1)
Read Range
171(1)
Identifiable Readers
172(2)
Permissions-Based Tags
174(1)
Physical Remedies to Opt Out
175(1)
Conclusions
176(1)
Part II Applications
177(80)
RFID Payments at ExxonMobil
179(10)
Simson Garfinkel
Introduction
179(3)
Interview with Joe Giordano, ExxonMobil Corporation
182(7)
Transforming the Battlefield with RFID
189(12)
Nicholas Tsougas
Introduction
189(1)
Logistics and the Military
190(8)
Conclusions
198(3)
RFID in the Pharmacy: Q&A with CVS
201(10)
Simson Garfinkel
Jack DeAlmo
Stephen Leng
Paul McAfee
Jeffrey Puddington
Introduction
201(1)
CVS and Auto-ID
202(1)
Project Jump Start
203(2)
RFID in the Store
205(1)
Making RFID Work: The Back End
205(6)
RFID in Healthcare
211(18)
Kenneth Fishkin
Jay Lundell
Introduction
211(1)
The Hospital
212(4)
Tracking People and Objects
212(1)
Safeguarding Equipment Use
213(1)
Assisting Medical Personnel
214(2)
Home Eldercare
216(5)
Activity Monitoring and ``OKness'' Checking
217(2)
Criteria for Different Types of ``OKness'' Systems
219(1)
Applications for Assisting the Elderly
220(1)
Challenges
221(5)
Radio Frequency Health Issues
221(2)
Standards
223(1)
Privacy, Security, and HIPAA
223(3)
Conclusions
226(3)
Wireless Tracking in the Library: Benefits, Threats, and Responsibilities
229(16)
Lori Bowen Ayre
Introduction
229(1)
RFID System Components and Their Effects in Libraries
230(3)
Tag
230(1)
Reader
231(1)
Application
232(1)
RFID Standards
233(1)
RFID in U.S. Libraries
234(5)
Penetration
234(1)
Library Problems Addressed by RFID
234(1)
Cost of Implementing RFID System in Libraries
235(1)
Role of Librarians
236(1)
Privacy Protections for RFID by Industry and the Government
237(2)
Best-Practices Guidelines for Library Use of RFID
239(2)
Educating the Public
240(1)
Conclusions
241(4)
Tracking Livestock with RFID
245(12)
Clint Peck
Introduction
245(2)
RFID Has to Prove Itself
247(1)
Putting RFID to Work
248(1)
RFID and Livestock Marketing
249(4)
Traceback and RFID Standardization with Livestock
250(1)
Auction Markets: A Critical Component
251(2)
RFID World Livestock Roundup
253(4)
Australia
253(1)
Brazil
253(1)
Canada
254(1)
European Union
254(1)
France
255(1)
Japan
255(1)
New Zealand
256(1)
United Kingdom
256(1)
Part III Threats
257(70)
RFID: The Doomsday Scenario
259(16)
Katherine Albrecht
Introduction
259(1)
RFID Tags and the EPC Code
260(3)
A Ubiquitous RFID Reader Network
263(2)
Watching Everything: RFID and the Four Databases It Will Spawn
265(6)
Database #1: The ``Where-Did-This-Come-From?'' Manufacturer's Database
266(1)
Database #2: The ``What-Is-This?'' EPC Database
267(1)
Database #3: The ``Who-Bought-It?'' Point-of-Sale Database
268(2)
Database #4: The ``Where-Has-It-Been-Seen?'' Post-Sale Surveillance Database
270(1)
Corporate Abuse
271(1)
Government Abuse
272(1)
Conclusions
273(2)
Multiple Scenarios for Private-Sector Use of RFID
275(8)
Ari Schwartz
Paula Bruening
Introduction
275(2)
Scenario 1: ``No One Wins''
277(1)
Scenario 2: ``Shangri-La''
278(1)
Scenario 3: ``The Wild West''
279(1)
Scenario 4: ``Trust but Verify''
280(1)
Conclusions
281(2)
Would Macy's Scan Gimbels?: Competitive Intelligence and RFID
283(8)
Ross Stapleton-Gray
Introduction
283(1)
In-Store Scenarios
283(3)
Consumer Technology as a Means of Intelligence Gathering
284(1)
Other Sources of Competitive Intelligence
285(1)
So, Who Wants to Know?
286(4)
The Value of Functional Tags on the Shelves
286(2)
Qui Bono?
288(1)
Dead Tags Tell No Tales
289(1)
A Recoding Strategy
289(1)
Conclusions
290(1)
Hacking the Prox Card
291(12)
Jonathan Westhues
Introduction
291(1)
Reverse-Engineering the Protocol
292(3)
Why It Wasn't Very Hard
294(1)
Security Implications
295(2)
Protecting Against These Types of Attacks
297(3)
Conclusions
300(3)
Bluejacked!
303(24)
Pius Uzamere II
Simson Garfinkel
Ricardo Garcia
Introduction
303(1)
Bluetooth
303(13)
Bluetooth's Background
306(3)
Bluetooth Profiles
309(3)
Untrusted Versus Trusted Pairing and Discoverability
312(3)
Current and Speculative Bluetooth Implementations
315(1)
Bluetooth Security and Privacy Attacks
316(9)
Cracking Bluetooth
317(5)
Bluetapping
322(1)
Locational Surveillance
323(2)
Conclusions
325(2)
Part IV Technical Solutions
327(30)
Technological Approaches to the RFID Privacy Problem
329(12)
Ari Juels
Introduction
329(2)
The Technical Challenges of RFID Privacy
331(1)
Blocker Tags
332(3)
Soft Blocking
335(1)
Signal-to-Noise Measurement
336(1)
Tags with Pseudonyms
336(1)
Corporate Privacy
337(1)
Technology and Policy
338(1)
Conclusions
338(3)
Randomization: Another Approach to Robust RFID Security
341(6)
Michael Arneson
William Bandy
Introduction
341(1)
The Problems in RFID Security
341(2)
Conclusions
343(4)
Killing, Recoding, and Beyond
347(10)
David Molnar
Ross Stapleton-Gray
David Wagner
Introduction
347(2)
RFID Recoding and Infomediaries
349(3)
Applications Prevented by Killing
349(1)
Recoding and Electronic Product Codes
350(2)
Infrastructure Issues
352(3)
Protecting the Kill Switch
352(1)
Recoding, Rewritable Tags, and Vandalism
353(1)
The ``Subthreshold'' Retailer
354(1)
Who Pays?
354(1)
Conclusions
355(2)
Part V Stakeholder Perspectives
357(122)
Texas Instruments: Lessons from Successful RFID Applications
359(8)
Bill Allen
Introduction
359(1)
Toll Tracking: Who Knows Where You Are Going?
360(1)
Contactless Payment: Are Safeguards Already in Place?
361(2)
RFID and Automotive Anti-Theft: Staying Ahead of the Security Curve
363(1)
How and What We Communicate
364(2)
Listen to the Consumer
365(1)
Protect Data
365(1)
Empower the Consumer
365(1)
Conclusions
366(1)
Gemplus: Smart Cards and Wireless Cards
367(14)
Christophe Mourtel
Introduction
367(1)
What Is a Smart Card?
367(3)
Smart Card Communication and Command Format
370(1)
Card Life Cycle
371(1)
Smart Card Applications
372(1)
Pay TV
372(1)
Mobile Communications
372(1)
Electronic Cash
373(1)
Other Applications
373(1)
``Contactless'' Cards
373(1)
Protocols and Secure Communication Schemes
374(1)
Constraints of Contactless Products
375(2)
Speed and Working Distance
376(1)
Interoperability
376(1)
Contactless Products and the Contact Interface
377(3)
Communication
377(2)
Physical Security
379(1)
Software Security
380(1)
Conclusions
380(1)
NCR: RFID in Retail
381(16)
Dan White
Introduction
381(1)
Payment Applications
381(2)
Current Installations
382(1)
Food Ordering
382(1)
Inventory Management Applications
383(6)
Out-of-Stocks
384(1)
Theft Prevention
384(1)
Electronic Shelf Labels
385(1)
Technical Limitations
385(1)
Cost and Installation Limitations
386(1)
Misplaced Inventory
386(1)
Product Locator
387(1)
Back Room
388(1)
Mobile Systems
388(1)
Hybrid Scanners
389(3)
Traceability
389(1)
Perishable Products
390(1)
Recalls
390(1)
No More Receipts
390(1)
Technology Analysis
391(1)
Privacy Concerns
392(1)
RFID Portal
393(2)
Conclusions
395(2)
P&G: RFID and Privacy in the Supply Chain
397(16)
Sandy Hughes
Introduction
397(1)
Procter & Gamble's Position
398(1)
RFID Technology and the Supply Chain
399(9)
Internal P&G Protocols
406(1)
External P&G Protocols
406(1)
Supply Chain Dependencies
407(1)
Global Guidelines for EPC Usage
408(4)
Consumer Notice
408(1)
Consumer Education
409(1)
Consumer Choice
410(1)
Record Use, Retention, and Security
411(1)
Conclusions
412(1)
Citizens: Getting at Our Real Concerns
413(18)
Robert Ellis Smith
Mikhail Zolikoff
Introduction
413(1)
Prior to the Point of Sale
414(1)
After the Point of Sale: Nonconsumer Goods
414(1)
After the Point of Sale: Consumer Goods
415(1)
After the Point of Sale: Privacy Interests
416(3)
Possible Scenarios
418(1)
Eliminating the RFID Threats to Privacy
419(9)
Mitigating the Threats: ``Continue Activation'' as the Default for Nonconsumer Goods
420(1)
Mitigating the Threats: ``Continue Activation'' as the Default for Certain Consumer Goods
421(1)
Mitigating the Threats: ``Deactivation'' as the Default for Sensitive Products
422(1)
Hybrid Products
422(1)
Enforcing This Scheme by Law
423(1)
The CALEA Experience
423(2)
On the Other Hand: The Electronic-Funds Experience
425(1)
Mitigating the Threats: Different Frequencies
426(1)
An Additional Consideration: Chip Security
427(1)
Conclusions
428(3)
Activists: Communicating with Consumers, Speaking Truth to Policy Makers
431(8)
Beth Givens
Introduction
431(1)
RFID Characteristics That Threaten Privacy
432(1)
Proposed Technology-Based Solutions
433(1)
Is Consumer Education the Answer?
434(1)
Calling for a Technology Assessment
434(3)
Conclusions
437(2)
Experimenting on Humans Using Alien Technology
439(12)
Peter de Jager
Introduction
439(1)
The Surveillance Society: It's Already Here
440(1)
A Trick to Overcome Resistance
440(2)
Constituents to Change---and to Stasis
442(2)
Privacy Advocates Own This Story
444(1)
Privacy, Change, and Language
444(3)
How to Make Consumers Demand Change (and RFID)
447(1)
Conclusions
448(3)
Asia: Billions Awaken to RFID
451(16)
Bimal Sareen
Introduction
451(1)
Factors Separating Western and Asian RFID Experience
451(4)
Privacy: Western Luxury or Western Construct?
452(1)
RFID as the Lightning Rod of Privacy Activists
453(1)
The Indian Perspective on Personal Privacy
453(1)
Other Asian Countries' Views on Privacy
454(1)
The Extant Paper Database and Electronic Credit Card Systems
455(1)
A Cultural Predisposition to Technology Adoption?
455(1)
Establishment of National Identities
455(1)
A Complex Interplay of Social Systems and Technology
456(1)
RFID in India
456(5)
Local Deployments of RFID in India
457(1)
A Positive Outlook for Retail and Industry
458(1)
E-Governance Applications
458(1)
A Strategic Position
459(1)
Government Adoption, Not Regulation, for RFID
459(1)
India-Specific RFID Deployment Concerns
460(1)
RFID in India: Summary
461(1)
RFID Across Asia
461(4)
China
461(1)
Hong Kong
462(1)
Japan
463(1)
South Korea
464(1)
Malaysia
464(1)
Singapore
464(1)
Conclusions
465(2)
Latin America: Wireless Privacy, Corporations, and the Struggle for Development
467(12)
Jennifer Torres-Wernicke
Introduction
467(1)
An Overview of Wireless Services Penetration into Central America
468(2)
Spread Spectrum
468(1)
WiFi
469(1)
RFID
469(1)
Pervasiveness of Telecommunications in Central America
470(3)
Panama
470(1)
El Salvador
471(1)
Costa Rica
471(1)
Guatemala
471(1)
Honduras
472(1)
Nicaragua
472(1)
Privacy Concerns
473(2)
Old Assumptions in a New World
473(1)
The Author's Experience Living in El Salvador
474(1)
An Overview of Privacy Across Latin America
475(2)
A Word on the U.S.-Mexican Border
476(1)
What About the United States?
477(1)
Conclusions: Privacy, Poverty, and the Future
477(2)
Appendixes
479(56)
Appendix A Position Statement on the Use of RFID on Consumer Products
481(16)
Appendix B RFID and the Construction of Privacy: Why Mandatory Kill Is Necessary
497(10)
Appendix C Guidelines for Privacy Protection on Electronic Tags of Japan
507(8)
Takato Natsui
Appendix D Adapting Fair Information Practices to Low-Cost RFID Systems
515(10)
Simson Garfinkel
Appendix E Guidelines on EPC for Consumer Products
525(4)
Appendix F Realizing the Mandate: RFID at Wal-Mart
529(6)
Gus Whitcomb
Simson Garfinkel
Index 535


Simson Garfinkel is a computer security researcher and an award-winning commentator on information technology. Among his twelve books are Database Nation: The Death of Privacy in the 21st Century (OReilly, 2001) and Practical UNIX and Internet Security, Third Edition (OReilly, 2003). A columnist for CSO magazine, Garfinkels columns earned the 2004 and 2005 Jesse H. Neal National Business Journalism Award. He recently received his Ph.D. in computer science from MIT.

Beth Rosenberg is a writer, editor, and journalist with fifteen years of experience in emerging technologies. She has written for the Boston Globe, Boston magazine, and the Christian Science Monitor, and edited a book for Harvards Kennedy School of Government.