Volume 11, Number 2, May 2004
Technology Electronic Reviews (TER) is a publication of the Library and Information Technology Association.
Technology Electronic Reviews (ISSN: 1533-9165) is a periodical copyright © 2004 by the American Library Association. Documents in this issue, subject to copyright by the American Library Association or by the authors of the documents, may be reproduced for noncommercial, educational, or scientific purposes granted by Sections 107 and 108 of the Copyright Revision Act of 1976, provided that the copyright statement and source for that material are clearly acknowledged and that the material is reproduced without alteration. None of these documents may be reproduced or adapted for commercial distribution without the prior written permission of the designated copyright holder for the specific documents.
Contents:
- REVIEW OF: Robbie Allen and Alistar G. Lowe-Norris. (2003). Active Directory. Sebastopol, CA: O'Reilly. By Stacey Greenwell.
- REVIEW OF: Mark O'Neill, et al. (2003). Web Services Security. Berkeley, CA: McGraw-Hill/Osbourne. By Wendi Ackerman.
- REVIEW OF: Dave Pawson. (2002). XSL-FO. Sebastopol, CA: O'Reilly. By Craig S. Booher.
- REVIEW OF: John Savill. (2003). The Windows XP/2000 Answer Book: A Complete Resource from the Desktop to the Enterprise. Boston, MA: Addison-Wesley. By Janet A. Crum.
- About TER
REVIEW OF: Robbie Allen and Alistar G. Lowe-Norris. (2003). Active Directory. Sebastopol, CA: O'Reilly.
by Stacey Greenwell
One of the most significant changes in Windows networking was the introduction of Active Directory with Windows 2000. In a nutshell, Active Directory is an LDAP-based (Lightweight Directory Access Protocol) directory service which serves as a repository of information about network objects, such as users, computers, groups, etc. Each object has attributes, notably permissions, which allow the administrator to centrally distribute access to computers, files, programs, etc. The objects are stored hierarchically in Active Directory, which is similar to the Windows file system. In this hierarchy, the administrator can set up organizational units to delegate control to other administrators for selected resources. In addition to being a management tool for information technology staff, Active Directory can contain inventory data, contact information, etc. for use by the organization. Active Directory has certainly benefited system administrators and their organizations, yet can be a burden, as Active Directory can be complicated to design and support.
Active Directory (second edition) by Robbie Allen and Alistair G. Lowe-Norris provides a comprehensive examination of Active Directory for both Windows 2000 and Windows Server 2003. This book serves as an excellent resource to thoroughly understand how Active Directory works, how to develop the directory infrastructure, and how to manage the directory long-term. This is the second edition of Active Directory which serves as a significant upgrade to the previous edition. The first edition covered only Windows 2000, whereas this edition has been revised to include Windows Server 2003. The entire book has been updated to include the over 100 new and enhanced features available in Windows Server 2003.
This is not a book which provides step-by-step screenshots for using the Active Directory console or other tools within the Windows Resource Kit. Readers who are looking for a basic how-to book or tutorial should look somewhere else. This book covers the principles of design and management, building on basic concepts to provide a solid foundation to understanding how Active Directory works. With that in mind, this is not a book for someone who is entirely new to basic networking concepts or to Windows administration. To get the most out of this book, some background in Windows networking is essential.
The first section of the book focuses on Active Directory basics, providing the fundamentals of how objects are stored and identified, as well explanations of essential topics such as LDAP, Kerberos, DNS (Domain Name System), multi-master replication, group policy, and data partitioning. The group policy primer is particularly helpful, as the authors provide explanations of many of the settings in the administrative templates.
Part Two of the book covers Active Directory design. The authors use several example corporations to demonstrate designing the directory, from setting the number of domains, designing the tree structure, developing the naming scheme, creating the hierarchy of organizational units, designing the users and groups, creating the global catalog, and designing the application partition structure. If the reader is faced with the task of creating a directory from scratch, this section asks all the right questions and provides suggestions to aid in this task. For those who may be administering an existing Active Directory, the design section is still useful, as it encourages the reader to think in terms of how the directory was built.
The third section of the book focuses on scripting Active Directory using ADSI (Active Directory Services Interfaces), ADO (ActiveX Data Objects), and WMI (Windows Management Instrumentation). In the introductory pages, the authors assure the reader that scripting Active Directory is easy, emphasizing that it is not necessary to have an understanding of programming languages. The authors provide a detailed introduction, definitions of various terms, and many examples which do make creating some simple scripts somewhat straightforward.
Overall, the tone is quite authoritative and articulate, and the authors have quite distinguished experience. Robbie Allen is a Senior Systems Architect at Cisco Systems and was instrumental in the deployment of Active Directory, DNS, and DHCP (Dynamic Host Configuration Protocol) at Cisco. Allen has recently published an additional Active Directory title for O'Reilly, Active Directory Cookbook for Windows Server 2003 and Windows 2000. Alistair G. Lowe-Norris serves as the Architectural Enterprise Strategy Consultant for Microsoft U.K. and was leader of the Rapid Deployment Program for Windows 2000 at Leicester University. Additionally, Lowe-Norris has been a technical editor and author for both Windows Scripting Solutions and Windows & .NET Magazine.
Like many O'Reilly publications, Active Directory is a challenging read, but ultimately serves as one of the most comprehensive books available on the topic. Particularly helpful are the design examples, definitions of settings, the few hands-on tutorials, and the detailed index. Like many O'Reilly publications, this book serves as a helpful reference when questions arise and a detailed explanation is in order. While readers with a sketchy background in Windows networking will likely learn from this book, particularly from the first section which thoroughly explains the concepts behind Active Directory and how it works, this still remains a book which best serves those with a solid background in networking and Windows concepts.
Stacey Greenwell is Desktop Support Librarian for the University of Kentucky Libraries in Lexington, Kentucky.
Copyright © 2004 by Stacey Greenwell. This document may be reproduced in whole or in part for noncommercial, educational, or scientific purposes, provided that the preceding copyright statement and source are clearly acknowledged. All other rights are reserved. For permission to reproduce or adapt this document or any part of it for commercial distribution, address requests to the author at stacey@uky.edu.
REVIEW OF: Mark O'Neill, et al. (2003). Web Services Security. Berkeley, CA: McGraw-Hill/Osbourne.
by Wendi Ackerman
"Without trust and security, Web services are dead on arrival." - Phillip Hallam-Baker
If you do a Google search on the phrase "web services security," among the top results you will find three of the biggest names in the industry: Vordel, Ltd., VeriSign and OASIS. You will also find them in the book Web Services Security. Mark O'Neill, principle author, is CTO of Vordel, Ltd., a company specializing in XML communications security. Phillip Hassan-Baker, co-author, is a scientist for VeriSign and a leader in the development of web services security standards. President and CEO of OASIS (Organization for the Advancement of Structured Information Standards), Patrick J. Gannon, weighs in with the book's forward.
Given the expertise brought to the table by these authors (and five more well-qualified co-authors), one might be concerned that the book could be too technical for anyone but security professionals, but this is not the case. Written primarily for software developers involved in the production of web services, it is also very appropriate and accessible for anyone interested in the topic with a background in web development and a basic knowledge of XML (eXtensible Markup Language).
Divided into five parts, Web Services Security begins with the fundamentals and builds up to illustrative case studies. Although the authors do an excellent job of explaining the concepts in plain English, if you are unfamiliar with the acronyms used extensively throughout the book, it might be helpful to jot them down on a list to which you can refer as needed.
Part One (three chapters) provides a solid introduction to the concepts by breaking them down into two separate chapters, one on web services and a second on security. The first chapter does a very good job of defining Web services, as well as introducing basic vocabulary and code examples. Chapter Two clarifies security by delineating it to building blocks and various layers. Chapter Three provides a context for the previous two by discussing the practical challenges and threats facing web services security with relevant real-life examples.
Part Two (five chapters) makes up the largest section of the book and is devoted to XML security, as XML security forms the basis of the technologies to follow in subsequent chapters. The two key concepts are discussed separately (much like in Part One), in one chapter on XML Signature and another on XML Encryption. The concepts introduced previously in Part One such as SAML (Secure Assertion Markup Language), XACML (eXtensible Access Control Markup Language) and XKMS (XML Key Management Specification) are given more detailed coverage in the following three chapters respectively.
Building on Parts One and Two, Part Three (a single chapter) introduces WS-Security, which incorporates XML Signature, XML Encryption and SAML. Microsoft initially released WS-Security in 2001, and later teamed with IBM to release a joint document entitled "Security in a Web Services World." WS-Security is now being developed by a Web Services Security Technical Committee within OASIS.
Part Four (Chapters Ten through Twelve) introduces security in Web services frameworks, focusing on architecture, functionality and major security threats. Covered here are two Microsoft applications that should be at least somewhat familiar to regular Web users, Passport and .Net. A similar effort introduced by SUN Microsystems, the Liberty Alliance Project, is covered in chapter eleven. Chapter Twelve looks at the UDDI (Universal Description, Discovery and Integration) protocol and associated authentication issues.
Part Five (two chapters and an appendix) covers a topic related to Web services security, ebXML (e-business XML), and introduces the basic legal considerations related to secure online transactions. The book concludes with an appendix of three brief case studies that demonstrate how Web services security has been applied to a service portal, foreign exchange transactions and an XML gateway. The latter XML gateway study is also an example of a Vordel product, VordelSecure.
This book is a great place to start for someone who needs to get up to speed with security issues on the Web. It does an excellent job of introducing the reader to the history, purpose and basics on the topic, making it understandable to even novice Web developers. Some chapters are not quite as strong as others, for example the chapter on legalities is well worth taking a look at but is not as accessible as the rest of the book.
This book is not, however, a step-by-step manual to implementing Web services security. The case studies and code examples, while helpful, do not provide the comprehensive information needed to actually deploy a security application.
As with most books on digital technologies, changes occur so rapidly that it is important to seek out more timely information. Current standards and developments can be found by visiting the following Web sites:
OASIS-open
http://www.oasis-open.org/home/index.php
Security.itworld.com
Wendi Ackerman is Electronic Services Librarian at the Health Sciences Library, SUNY Upstate Medical University.
Copyright © 2004 by Wendi Ackerman. This document may be reproduced in whole or in part for noncommercial, educational, or scientific purposes, provided that the preceding copyright statement and source are clearly acknowledged. All other rights are reserved. For permission to reproduce or adapt this document or any part of it for commercial distribution, address requests to the author at ackermaw@upstate.edu.
REVIEW OF: Dave Pawson. (2002). XSL-FO. Sebastopol, CA: O'Reilly.
by Craig S. Booher
In the beginning, there was simply the Extensible Stylesheet Language (XSL). Eventually, it fostered XSL Transformations (XSLT) and Extensible Stylesheet Language Formatting Objects (XSL-FO). Throw in the competing Document Style Semantics and Specification Language (DSSSL) and Cascading Style Sheets Level 2 (CSS2) and you now have a language group that will challenge even the most stalwart computer linguist.
Learning any new language is often a challenge, especially if it involves a new alphabet as well. In college, I took several courses on the Russian language. One fellow student came from a family where Polish was still spoken at home. One would think that the similarity in the two languages would facilitate learning the second. In some respects it does, because many words have similar roots in the two languages. In other respects it does not, because declensions vary. While the rest of us struggled just to learn the new language, this particular student was additionally challenged to prevent Polish from creeping into his Russian answers.
The "X" group of languages (XML, XSL, XSLT, XSL-FO, …) offers the same challenges as Polish and Russian. Learn one and you begin to understand the basic principles of the language group. Learn a second and now you need to remember which syntax variation is associated with which language.
Pawson's book sheds considerable light on one of these languages by offering a solid introduction to XSL-FO. The first two chapters provide an overview of XSL-FO and its major parts. Pawson sets the stage by noting that XSL-FO is used to create paginated print versions of XML documents. The production process requires a source XML document to which is applied an XSLT transformation. This produces an XSL-FO document, which is simply another XML document that uses the XSL-FO vocabulary. The XSL-FO document contains formatting instructions that define the print layout for the content of the document. A formatting engine is then required to interpret the XSL-FO document in order to generate the desired output.
The book continues from here by briefly exploring the development of XSL-FO and placing it in the context of its companion languages noted above. Three fundamental aspects of styling (page layout, blocks, and inline content) are introduced. The introductory material concludes with a helpful discussion of shorthands and inheritance.
The next seven chapters form the core of the book. Chapters 3 and 4 focus on page layout. Pawson expends considerable effort introducing the reader to the fundamentals of layout. He begins by describing the three major divisions of a document (front matter, main matter, and back matter). Then he discusses the two main parts of an XSL-FO document. He continues with an extensive presentation on page models, introducing such concepts as regions, writing modes, and content flows. He concludes this section with a discussion on areas that are informally defined as imaginary rectangles on a page. The art of layout is the use of areas to place information on a physical page. Two formatting objects, block-areas and inline-areas, are used to create areas.
Blocks are smaller parts of documents such as paragraphs and lists. Chapter 5 focuses on four main blocks - fo:block, fo:block-container, fo:list and fo:table. Various sections describe how to separate blocks, specify backgrounds, handle images, and decorate blocks.
Inline elements represent content that, when formatted, doesn't wrap to a new line. Chapter 6 presents the content model for fo:inline. It describes the different types of formatting that can be used inside block containers, including inline containers, inline graphics, word and letter spacing and fo:leader. The last section in this chapter provides details on how to create page headers using inlines.
The last three core chapters cover, sometimes briefly, a variety of other topics. Chapter 7 looks at graphics and color formatting objects. Chapter 8 describes options for formatting at the character level. Chapter 9 explores the use of links to create cross-references, tables of contents and indexes.
Finally, Chapters 10 and 11 step back and provide some context for all of the detailed discussion presented in the earlier chapters. Here, Pawson rather succinctly suggests a process for designing and developing an XSL-FO document and provides some advice on structuring and organizing stylesheets.
A series of seven appendices rounds out the book. One provides answers to about 15 FAQ's commonly asked about XSL-FO. Another provides a short, section by section, introduction to the W3C (World Wide Web Consortium) Recommendations. A third includes brief descriptions of a dozen formatting engines. Recognizing this information easily becomes dated, Pawson offers his personal website as a source for current descriptions. Unfortunately, this reviewer was unable to locate such information at the URL provided in the book.
One other appendix is definitely worth noting. It consists of two tables correlating the elements in the fo namespace with their properties. The first table is arranged by element and shows the valid properties for that element. The second table is arranged by property and shows the elements to which that property applies.
According to the author, this book is written for users, not implementors, of the W3C Recommendation. Pawson anticipates the audience could include technical authors engaging in stylesheet design or software developers designing media output; in short, anyone who wants to transform their XML documents into print. He does admit that a basic understanding of XML and XSLT is necessary in order to benefit from the book.
As with most books in this genre, the writing is clean and the information is introduced in chunks easily digested by the reader. The requisite examples are scattered throughout the book in sufficient number to help clarify the text for the reader. Some examples present just the XSL-FO syntax. Others include output examples with the syntax listing. This reader would have preferred more of the latter. The discussions on page layout and related topics benefited tremendously from the inclusion of well-labeled figures depicting the various components described in the text.
This book fits in admirably with the proliferating pantheon of "X" books. If you want to transform your XML document to print, you'll definitely benefit from reading this book. If you are already skilled in DSSSL, XSLT, or other stylesheet languages, just beware that your syntaxes may start to flow together. Remember, there is no Esperanto in the "X" world.
Craig S. Booher has over 20 years experience as an information professional designing, developing, and implementing information systems in academic libraries and corporate information centers
Copyright © 2004 by Craig S. Booher. This document may be reproduced in whole or in part for noncommercial, educational, or scientific purposes, provided that the preceding copyright statement and source are clearly acknowledged. All other rights are reserved. For permission to reproduce or adapt this document or any part of it for commercial distribution, address requests to the author at cjbooher@athenet.net.
REVIEW OF: John Savill. (2003). The Windows XP/2000 Answer Book: A Complete Resource from the Desktop to the Enterprise. Boston, MA: Addison-Wesley.
by Janet A. Crum
Though Windows 1.0 officially debuted in 1985 (Microsoft, 2003), many computer users got their first Windows experience in the early 1990s with one of the Windows 3.x releases. Back then, Windows was just a desktop environment, a graphical front end for MS-DOS rather than an operating system in its own right. Now, Windows is not only a desktop operating system but a server and network platform as well. And, as this book demonstrates by its sheer bulk (over 1200 pages), Windows has become considerably more complex than it was in its early days. As Windows grows in complexity, support technicians and system administrators need a solid reference to introduce and explain the platform's many new features. The Windows 2000/XP Answer Book plays that role nicely, providing a wealth of information for advanced users on many topics in short, easy-to-follow entries.
In his introduction, author Savill states that the book is, "designed to appeal to everyone from the beginning user to an experienced system administrator" (lxxiv). This statement is a bit misleading; any book that discusses kernels and virtual memory in the first chapter is not for beginning users! There is some material for beginners here, but the bulk of the book is more suitable for support technicians, network personnel, and system administrators. The book tells the reader how to perform specific tasks, but it does not-with a few exceptions-provide a general introduction to a topic or basic instructions for beginners. For example, the short section on backups discusses backup strategies (differential vs. incremental, etc.), how to run NT Backup from the command line, and how to back up the Registry, but nowhere does it tell the reader how to access, configure, and use the GUI backup program that comes with Windows 2000 and XP.
Savill maintains John Savill's FAQ for Windows (http://www.windows2000faq.com) on the Windows and .NET Magazine Web site, and this book is an expanded version of this FAQ. It retains the FAQ format, composed of over 1500 entries arranged in 38 chapters. Each entry is designed to be self-contained, including everything the reader needs to know to complete a given task, so there is some repetition from one entry to another. The primary focus is Windows 2000 and XP, and most entries apply to both versions. The title of the entry clearly indicates if it applies to only one or the other. A few entries apply to Windows NT 4.0 only; these are clearly labeled as such in both the table of contents and the entries themselves.
The chapters cover a broad range of Windows-related topics. Each chapter contains a short introduction, ranging from a paragraph to a page or two, followed by FAQ entries. The first seven chapters cover general information about Windows 2000 and Windows XP, installation, service packs, and configuring the system and user accounts. Chapter 8 covers the desktop environment and is one of the few chapters that include a substantial amount of material for end users. Chapters 9 through 12 cover system information, the registry, system recovery, and backups. Chapters 13 through 19 cover material related to networking, including general information about Windows networking, domains, active directory, group policy, TCP/IP (Transmission Control Protocol over Internet Protocol), DNS (Domain Name System), and DHCP (Dynamic Host Configuration Protocol). The next four chapters cover Windows filesystems (including Dfs), RAID (Redundant Arrays of Inexpensive Disk), and terminal services. Chapter 24 is devoted to Internet Explorer and includes material of interest to end users as well as administrators. The remainder of the book covers performance, printing, multimedia (more material for end users here), security, RAS (Remote Access Services) and RRAS (Routing and Remote Access Services), utilities, the command prompt, batch files, Windows Scripting Host, hardware, compatibility issues, and ISA (Internet Security and Acceleration), plus a chapter labeled Miscellaneous and an extensive chapter on problem solving. Potential readers should note that the book covers only Windows itself and applications that are bundled with it; it does not cover Microsoft Office or other Microsoft applications. Third-party add-ons are mentioned occasionally but not covered in detail.
The FAQ arrangement works well and facilitates browsing within a given topic. Some chapters, however, include more than 80 entries (and one has over 200), making browsing a bit time-consuming. Browsing would be easier if longer chapters were arranged by subtopic. It would also be helpful if material appropriate for end users was grouped together in each chapter or flagged in some way. Instead, it is buried amid higher-level material, making the book less useful for non-experts. The book does include a detailed index, which helps the reader find entries on more specific topics at an appropriate level.
Before purchasing this book, one should consider the amount of overlap between the book and the aforementioned FAQ for Windows. Based on a random sample of entries throughout the book, as well as a careful examination of one chapter, it appears that much of the book's content is available in the FAQ. Even the illustrations are the same in many cases. Occasionally the entries in the book have been edited to improve the text formatting and increase readability, but the content is essentially the same. Plus, the FAQ is searchable, can be browsed by topics that are often more focused than the book's chapter headings, and includes lots of new entries and other material not available in the book. Readers who prefer a print volume should purchase the book. Those who have ready access to the Internet when working with Windows or who require only intermittent access to this information may prefer to save $49.99 and use the FAQ for Windows Web site instead.
References:
Microsoft, Inc. (2003). Windows Products and Technologies History: Windows Desktop Products History. Retrieved April 23, 2004, from http://www.microsoft.com/windows/WinHistoryDesktop.mspx.
Savill, J. (2004). John Savill's FAQ for Windows. Retrieved April 23, 2004, from http://www.windows2000faq.com.
Janet A. Crum is Head, Library Systems & Cataloging, at Oregon Health & Science University in Portland, Oregon.
Copyright © 2004 by Janet A. Crum. This document may be reproduced in whole or in part for noncommercial, educational, or scientific purposes, provided that the preceding copyright statement and source are clearly acknowledged. All other rights are reserved. For permission to reproduce or adapt this document or any part of it for commercial distribution, address requests to the author at crumj@ohsu.edu .
About TER
Editor is Sharon Rankin, McGill University (sharon.rankin@mcgill.ca). Editorial Board Members are: Linda Robinson Barr, Texas Lutheran University (lbarr@tlu.edu); Paul J. Bracke, Arizona Health Sciences Library (paul@ahsl.arizona.edu); Brad Eden, University of Nevada, Las Vegas (beden@ccmail.nevada.edu); Kathlene Hanson, California State University, Monterey Bay (kathlene_hanson@csumb.edu); Adriene Lim, Wayne State University (ab7155@wayne.edu); Michelle Mach, Colorado State University (mmach.lib.colostate.edu); Florence Tang, Mercer University, Atlanta (tang_fy@mercer.edu); Stacey Voeller, Minnesota State University (voeller@mnstate.edu); and Laura Wrubel, University of Maryland (lwrubel@umd.edu).