___________________________________________________________________
Review of Kenneth Birman's
Building Secure and Reliable Network Applications
by Bob Bruen, Cipher Book Review Editor
____________________________________________________________________
Birman, Kenneth. Building Secure and Reliable Network Applications.
Manning, 1996 ISBN: 1-884777-29-5 , Hardbound, 591 pages, $58.00
Bibliography (381 items), index, appendix with 68 problems.
http://www.browsebooks.com; orders@manning.com Available through 
Prentice Hall. Power Point slides at ftp.cs.cornell.edu/pub/ken/slides/
--------------------------------------------------------------------
Well known Professor of Computer Science Ken Birman from Cornell
University, who is also Editor-in-Chief of ACM Transactions on Computer
Systems, has written an excellent book on network applications
security. The twenty-six chapters are divided into three main
sections: a very good introduction to distributed computing; the
second a section on the Web; the third, and largest section of the
book, is on reliable distributed computing.

The problem addressed by the book is the grounded in the growth of the
internet where distributed computing makes sense, but also where the
sheer size of the distribution causes problems beyond the problems that
might be inherent in a given application. For example, the routing
strategy of the early days was intended to solve the problems of
getting packets to and from distributed locations. A hierarchical
approach was logical and satisfactory, but today the scale has
overwhelmed this approach, requiring a new strategy that looks at
things as somewhat flat, a more distributed view. This view brings its
own set of problems with it that must be addressed. The scale of
difficulty in guaranteeing properties like response time and
performance are significantly increased. According to Birman the
"engineering discipline of reliable distributed computing is still in
its infancy." The situation is unlike the situation of the nations of
the world today. For many decades, the USA had allies that were in
opposition to the Soviet Union and its allies, two hierarchies with a
meeting place just short of war. Now the Soviet Union is broken into
many pieces, each with its own agenda. US allies in Europe are
developing their own agendas, that will not always agree with the US.
Moreover the nations of the Middle East and the Far East are developing
their own economies and power bases. The world has lost its own
hierarchical approach and is now a distributed system with many peering
power bases in several arenas that all must function together.

The world has already developed a few distributed systems that seem to
work, such as the air traffic control system. For the most part, I can
fly to anywhere in the world. The telephone system is another one that
appears to work reasonably well across international boundaries. Birman
is trying to push along the serious work of making computing across a
wide area into another successful example. The Web has taken the net to
its next level of usage because it gives the individual user and
interface of great value. It also provides a mechanism for an
organization to distribute information both internally and externally,
although internal may on another continent and external the office next
door. Birman, as have many others, mentions that it was not predictable
in 1985 that the internet would be so widespread with so much traffic.
I have never understood this belief. All one needs to do is count the
number of people on the planet (about 6 billion) to see a minimum base
for net activity. Sooner or later a large majority of people will have
some sort of connectivity to everyone else, not unlike telephones,
radios and televisions.

This is a large number of addresses and a lot of traffic, especially if
one considers applications such as full motion video. Very large
distributed systems will be very demanding. The basic services
underlying these systems will need to provide reliability and security
in a hostile environment. The international world of stock trading has
already stepped into this environment. New approaches were needed and
still more new approaches are needed to continue the growth of such
systems. A good grasp of the fundamentals is required for those who
work in developing new approaches, which can be acquired through this
book. There are not many books like this one, although there are many
journal articles and proceedings on the topic, which makes this book a
good resource.

The first eight chapters cover the communications, CORBA and client
server computing in a detailed and coherent manner. The Web gets three
chapters which addresses briefly the components, such as HTML, VRML,
plug-ins, etc, then the security and reliability aspects. A brief
chapter follows on related technologies. I expect a future edition
would expand these chapters. The next fifteen chapters are real heart
of the text, reliable distributed computing. Topics presented range
from retrofitting systems, transactional systems, distributed
management, probabilistic protocol and reasoning about distributed
systems. The last chapter covers a number of languages, toolkits and
systems that try to meet various challenges of distributed and
transaction systems, such as the Isis toolkit, Locus, and Argus.

I view this as a useful book and an important book. The topic is
timely, but more to the, point distributed computing will be a major
piece of the future of computing and it is being built now. If you are
interested in tomorrow's systems today, I recommend reading this book.
______________________________________________________________________