Have you ever felt that God has deserted you and that nothing is happening? It may be because God is working the night shift in your life and accomplishing things you haven't seen yet. Mehl has a down-home writing style that allows you to easily identify with his trials in life, and how God has done work behind the scenes to show His glory. Great book...

Target Audience
IT professionals who need to learn about the Rational Unified Process (RUP)

Contents
This book is a relatively high-level overview of the entire RUP process.

The book is divided into the following chapters: Software Development Best Practices; The Rational Unified Process; Static Structure: Process Description; Dynamic Structure: Iterative Development; An Architecture-Centric Process; A Use-Case-Driven Process; The Project Management Discipline; The Business Modeling Discipline; The Requirements Discipline; The Analysis and Design Discipline; The Implementation Discipline; The Test Discipline; The Configuration and Change Management Discipline; The Environment Discipline; The Deployment Discipline; Typical Iteration Plans; Implementing the Rational Unified Process; Summary of Roles; Summary of Artifacts; Acronyms; Glossary; Bibliography; Index

Review
The Rational Unified Process, or RUP, is a software engineering methodology that attempts to map out and document all parts of a software development project. It's extremely comprehensive, but it's also adaptable to whatever level of effort is appropriate for your situation. This book, The Rational Unified Process - An Introduction, is a good start to begin your understanding of RUP.

First off, let me say this is not an easy read. It's a good book with all the information you need to know to start using RUP, but the information is dense and highly detail oriented. Like most developers, I'm more oriented towards coding and testing. But realistically, you need to know what the system should do before you get to the coding piece. RUP helps to put all that into a formal framework so that the necessary things will get done in the proper order.

While the entire RUP framework might feel overwhelming, the author makes sure to let you know that you can adapt the RUP to meet your situation. If you are adding a function to an existing system, you will be more focused on use cases, development, and deployment processes. The author does a good job in segmenting the information so that you can more easily focus on your needs.

You should also not consider this the end-all volume on RUP that you will ever need. Kruchten doesn't try to detail specific techniques like use cases or UML. You will learn where they fit in to RUP, but you will need additional information on how to implement use cases or UML diagrams. Consider this the volume that allows you to place everything in a mental framework so that you can figure out what you will need to know going forward.

Conclusion
If you are considering or in the process of implementing RUP, this is a book you should be studying. It's not an easy read, but it will give you the overview you need to understand the process and concepts.

I'm currently in the middle of the book Scene Of The Cybercrime by Debra Littlejohn Shinder, but I decided to do a review right now. This is a really good book on a number of levels...

Most books on computer and network security are written for the techie trying to secure their assets from outside attack. Obviously, there's a huge need for that information. But it seems that there is virtually nothing written from the law enforcement perspective on computer security. That's a major problem in two ways... For one, there are too few law enforcement personnel that understand exactly what cybercrime is and how it can be detected, fought, and prosecuted. That's probably the audience that would benefit most from this book. Second, most technical personnel don't know what to do in order to successfully build a case and prosecute an attacker once an intrusion has occurred. That's the other audience that will gain the most from reading Shinder's work.

The book includes the following chapters: Facing the Cybercrime Problem Head On; Reviewing the History of Cybercrime; Understanding the People on the Scene; Understanding Computer Basics; Understanding Network Basics; Understanding Network Intrusions and Attacks; Understanding Cybercrime Prevention; Implementing System Security; Implementing Cybercrime Detection Techniques; Collecting and Preserving Digital Evidence; Building the Cybercrime Case

The hardcore network security administrator will probably already know most of the information in the "Understanding..." chapters. But unless they are adept or experienced in forensic analysis, the last three chapters will be crucial information for them. Without the knowledge of how to preserve evidence, there's a good chance that you'll never have the satisfaction of seeing your attacker prosecuted. Higher level managers of a corporate security department will find all of this information useful, as they may not be as hands-on as the administrators and may not understand what threats and risks are present in today's environment.

From the law enforcement perspective, it's all good. Fighting cybercrime is so different than regular law enforcement. This is the perfect volume to give the budding cybercop all the information they need to get up to speed with how crime is conducted electronically. I would recommend that this book be required reading for law enforcement and prosecution personnel.

The book is well written with plenty of real-life examples of criminal activities and legal scenarios. It's one of the most engrossing technical reads I've had in awhile. A definite recommended read...

Target Audience
Developers who want or need a practical course on data structures in computer programming.

Contents
This is a practical guide on data structures and how they are used in a programming environment.

The book is divided into the following chapters: Memory, Abstract Data Types, and Addresses; The Point About Variables and Pointers; What Is an Array?; Stacks Using an Array; Queues Using an Array; What Is a Linked List?; Stacks Using Linked Lists; Queues Using Linked Lists; Stacks and Queues: Insert, Delete, Peek, Find; What Is a Tree?; What Is a Hashtable?; Final Exam; Answers to Quizzes and Final Exam; Index

Review
If you went the traditional college route to make it into programming, you no doubt had a course or two on data structures. But if you're like me and more into the self-taught method, data structures are one of those things you hear about but never probably take the time to understand. You may use them, but you don't really understand the theory behind what they are and when they should be used. For you (and me), Data Structures Demystified helps get you up to speed in a practical, straightforward manner.

Each chapter follows a standard format. The subject (such as linked lists) is likened to some real world situation. The structure is then explained and illustrated in generic terms using C++ or Java code. The methods necessary to manipulate the data structure are explained, followed by an implementation in both C++ and Java code. Finally, there's a short quiz at the end to test your understanding of the concepts just discussed.

As a Java programmer, I found this book helpful in conceptually fleshing out some of the array constructs that you can use in the language. While many reference books might tell you that you have a HashMap class along with certain properties and methods, not too many books actually go into any depth about what a hashmap is and how it should be used. Having an understanding of these "whys" can make all the difference when you're trying to decide how best to structure your program.

And if you're tending to shy away from this title thinking it would be too simplistic, don't. This is not an entertainment book that treats you like a newbie. You'll have to think about what you're reading, and it will take some effort to understand the details. But it's all presented clearly, so at least you have a chance if you're not Einstein to begin with.

Conclusion
This book is very good for C++ and Java programmers who have not taken formal courses in data structures, and need a better understanding of the subject.

Target Audience
Java developers who want to learn to develop graphical applications using the Swing classes

Contents
This book is part of the Sun tutorial series, and concentrates on the Swing classes of the language.

The book is divided into the following chapters: Before You Start; Learning Swing By Example; Using Swing Components; Laying Out Components within a Container; Writing Event Listeners; Performing Custom Painting; Component Reference; Layout Manager Reference; Other Swing Features Reference; Event Listeners References; Troubleshooting Reference; Index

Review
Most of the coding I do in Java involves background agents that don't involve any sort of a user interface. But that's not to say that I haven't wanted to put a front end on some of my routines and allow for some user interaction. In order to do that, I need to learn more about how to use the Java GUI classes. This book, The JFC Swing Tutorial, is definitely what I need.

The book is a nice blend of tutorial and reference guide. The first six chapters are definitely tutorial in nature, with a number of examples and things you are asked to try and work through. At the end of each of those chapters, you'll find a series of questions and exercises that will allow you to assess your understanding of the material. Starting in chapter seven, the book moves more towards a reference manual, but not in the typical "here's the documentation" format. Each reference section has a series of "How To..." topics that give you more detailed information and examples about that feature. For instance, the formatted text field section has a demo of that feature, instructions on how to work with features in the JFormattedTextField class, and an API chart of the related classes and specific methods in JFormattedTextField. The blend of information and examples helps you to bridge the gap between theoretical and practical use.

The only "complaint" that one might have about this book is that much of the information can be found online at the Sun Java site. To that I say, "so what?" When I'm looking up a quick answer to something and I don't have my library available to me, online references are great. But when I'm learning a new skill, give me a book that I can carry around, mark up, and have open in front of me at the keyboard. It's how I work best.

Conclusion
This is a very complete and well-written volume on how to use the Swing GUI classes. If you need to learn how to move your Java programming in a graphical direction, you'll like this book.

O'Reilly has a book out called Digital Photography Expert Techniques by Ken Milburn. If you're ready to take your digital photography to the next level (close to professional grade), this is a book you'll want to see.

First off, the chapter contents: The Digital Photographer; Be Prepared; Bringing Out The Best Picture; Panoramas; Photoshop Selections, Masks, and Paths; Basic Digital Photo Corrections; Converting Photos to Paintings; Special Photographic Effects; Retouching and Rescuing Photos; Creating Fictitious Photos; Color Printing; Use Pictures to Sell Yourself; Sell It on the Web

This book targets the professional, or serious, digital photographer who is using an SLR digital camera with at least six megapixels and plenty of memory. It also assumes the use of Photoshop as the base editing tool for manipulating the images. But rather than stick with Photoshop as the only tool, the author will also educate you on other tools or plug-ins that will give spectacular results beyond what you could get by sticking with the base software. Another target for this book is the film photographer who wants to move to the digital realm, but doesn't quite know how best to set up the workflow of processing images. Because a digital photograph can take many forms after image enhancement, there are a number of good ideas here to help you know what to save and what to delete.

Each chapter is made up of a series of "tips" on how to do something interesting with your images or with your camera. For instance, in the retouching chapter, you'll find tips with the following titles: Restore Youth; Remove Stains; Eliminate Junk from the Landscape; Cosmetic Emphasis; Focus the Light on Points of Interest; Punch Out the Paunch; Proboscis Pruning and Changing Expressions; and Clone Detail from Another Photo. Each tip or technique is well documented as to the steps necessary in the software to accomplish the effect. He also usually shows before and after full-color comparisons so that you can visually grasp how the effect works and how you can use it in your own work.

Now, if you're like me, puttering around in the consumer world of digital cameras, you can still get some great ideas from this book. The tips on composition, image correction, and other basic skills are valid regardless of what level you're at. Your final result may not be quite as good as his due to not having an original image of the same resolution, but you can still end up with some stunning shots that will wow your friends.

Bottom line... quality information, well written, beautiful book that should be considered by any serious digital photographer.

Target Audience
Anyone with an interest in network security and wants to look into the mind of a network cracker/hacker.

Contents
This book is mostly a series of fictional stories written in first-person narrative on what happens during a network attack or an investigation into an attack.

The book is divided into the following chapters: Hide And Seek; The Worm Turns; Just Another Day At The Office; h3X's Adventures In Networkland; The Thief No One Saw; Flying The Friendly Skies; dis-card; Social (in)Security; BabelNet; The Art Of Tracking; The Laws Of Security

Review
All too often the topic of network security becomes an academic exercise, until it's too late. Companies might know what they should do, and they might even think they are beyond attack. But to a motivated person, your system may be nothing more than swiss cheese. Stealing The Network takes you beyond the technical and into the psychology of an attack.

Stealing The Network is a series of fictional stories about network attacks of various sorts. Hide And Seek is an attack on a company's network by a person upset with poor customer service. He steals a credit card file and posts it for others to use. The Worm Turns is an all-night hacking session to dissect the latest internet virus and post a patch before any of the other anti-virus firms do so. Just Another Day At The Office is a story of hacking for organized crime against a firm developing a new type of land mine, and involves both network and physical building intrusion. While it might be easy to dismiss these as the result of a vivid imagination, the reality is that all of these attacks are done on a daily basis. They may even have happened to you at your company, and you just don't know it yet.

The final chapter, The Laws Of Security, is a discussion of computer security and how you need to be thinking in order to secure your network. So it's not just a series of stories with no opportunities to learn what needs to be done. Also, each story is detailed with specific software and techniques used to accomplish the hack or the trackdown of the intruder. So as you're reading the story, you're actually picking up the necessary information you need in order to understand the network weakness and how to defend against it.

In my opinion, it's this blending of fictional reality that makes this book so valuable. I'd definitely recommend this to any security professional who is looking to understand the person behind the attacks.

Conclusion
An excellent read... Takes the subject of network security out of the academic and theoretical and places a face and attitude behind it all, while also teaching you the nuts and bolts of how attacks occur.

Another Savannah Reid mystery... Sugar And Spite. And I'm still liking this series a lot...

Savannah's ex-partner on the force, Dirk, is called by his ex-wife Polly (who Savannah can't stand) in what looks like a kiss and make up attempt. But Savannah gets a call from Dirk that turns their world upside down. Polly is dead, shot in Dirk's trailer, with Dirk's sidearm, her blood is all over Dirk, and neighbors heard them fighting before the gunshots. He says he came out of the shower to find someone there who had just shot Polly, but was unable to grab him before the intruder escaped. The chief of police seems to have it out for Dirk, and pushes hard to bring him up on murder charges. Savannah and the members and friends of her detective agency have to figure out who really did it and save Dirk from a lifetime of jail or worse.

The subplot here involves why the chief might want to have Dirk out of the picture, and what he may know about the crime. There is also a Savannah family subline (as there are in all the stories) that didn't work quite as well as the ones in the other stories. Her father who deserted the family when she was young has shown back up and wants to talk with her.

Fun read, good pacing, and some excellent themes of friendship, love, and loyalty. Probably one of the more emotionally satisfying stories I've read to date in this series.

Target Audience
Developers who want to start using JavaServer Faces (JSF) technology for their web applications

Contents
This is a comprehensive tutorial on the JSF technology, how it works, and how to code an application using it.

The book has the following chapters: Overview Of Java Web Technologies; Introduction To JavaServer Faces; Objects For Request Processing; The User Interface Component Model; JSF Simple Components; JSF Advanced Components; JSF Event Handling; Page Navigation; Validators; Converters; Internationalization And Localization; Renderers; Custom User Interface Components; Online Store Application; The Application Configuration File; Summing Up: How JSF Works; The JSP 2.0 Expression Language; The JSP Standard Tag Library; Installing And Configuring Tomcat 5; The Web Application Deployment Descriptor

Review
JavaServer Faces technology is gaining steam in the Java community as a standard framework for building web applications, much like Struts has become. If this is a primary part of your development activity, you'll need to get up to speed on how JSF works. This book will help you get started.

Budi starts by reviewing servlet and javaserver page concepts, which is what JSF is based on. Once that area is reviewed, he starts with the basics of JSF coding and gives you plenty of examples of how they are coded. To me, the writing style and examples are clear and appropriate for someone just starting out in this area. The chapters build on each other and it all comes together in chapter 14 where an entire online application is built. After working your way through the book, you should have a basic mastery of the technology.

With a little additional research, I found that there is a later release of the technology (JSF beta 1) that supercedes the release on which this book was written (JSF Early Access 4). Not yet being a JSF wizard, I can't tell you how much of a difference that will make in the accuracy of the information presented. The author has updated the examples on his web site to work with the beta 1 version, so be prepared for some of the examples to work a little differently than what you see in print. Unfortunately that's one of the drawbacks in trying to get a book in print about a technology who's foundational concepts are still in development. That's probably why they call it the "bleeding edge of technology".

Conclusion
I thought this was a well-written, understandable book on an emerging technology. Just keep in mind that what you currently read and what may be in the final release could change.

Target Audience
Developers and architects who are looking for an overview of Java security

Contents
This book is a wide-ranging coverage of security technology in J2EE and J2SE environments.

The book is divided into six parts:

Part I - Enterprise Security And Java - An Overview Of Java Technology And Security; Enterprise Network Security And Java Technology
Part II - Enterprise Java Components Security - Enterprise Java Security Fundamentals; Servlet And JSP Security; EJB Security; Enterprise Java Security Deployment Scenarios
Part III - The Foundations Of Java 2 Security - J2SE Security Fundamentals; The Java 2 Permission Model; Authentication And Authorization With JAAS
Part IV - Enterprise Java And Cryptography - The Theory Of Cryptography; The Java 2 Platform And Cryptography; PKCS And S/MIME In J2EE; The SSL and TSL Protocols In A J2EE Environment
Part V - Advanced Topics - Enterprise Security For Web Services; Security Considerations For Container Providers; Epilogue
Part VI - Appendixes - Security Of Distributed Object Architectures; X.509 Digital Certificates; Technical Acronyms Used In This Book; Sources Used In This Book

Review
Once you get past the Hello World applets and JSP pages, you will start developing applications that interact with the user and display dynamic content. And once that happens, you need to know who is asking for the data and whether they should be allowed to see it. You need to start understanding how security works in the Java world. And Enterprise Java Security is a good place to start gaining that knowledge.

The authors cover a lot of different concepts and technologies in this book. While nearly any of the subjects (like cryptography or web services security) could be expanded into a book in its own right, enough information is provided to give you the concepts necessary to grasp the essentials. From there, you can continue in your learning for the areas that apply to your situation. As I continue on in my Java education, I'll be able to use this book to come up to speed more quickly than I would be able to if I had to find the resources in multiple other places.

Code junkies may be a little frustrated with the book, in that there's more concept than code. While there are coding examples, you'll see less than you may be used to (or may want). I view it this way... I'd use this book to get an overview of Java cryptography. Once I understood the fundamentals, I'd seek out a book that dealt specifically with that subject to take me beyond the basics. But by understanding "what I don't know" first, I'll be better prepared to get the most out of more advanced texts with plenty of code included.

Conclusion
A good selection for Java developers and architects who need a comprehensive overview and understanding of security for Java-based systems and environments. From here, you can delve more deeply into the specific areas that apply to your project or environment.