research staff member
"When I was a kid, I read a lot. I read books in Italian, Latin, ancient Greek, and English, but at that time I had no idea I would become a book author myself!"
On the book: Enterprise Java Security (2004)
What made you decide to write a book on this topic?
I have followed the evolution of Java security from the beginning. I have published several conference papers and journal articles on Java security. My first book on this topic, Internet Security in the Network Computing Framework, described how Java security had changed from its original sandbox model and had become a reliable platform. The next book on this topic was Java 2 Network Security, Second Edition. It described the Java 2, Standard Edition (J2SE) fine-grained access-control model. However, no book had been published yet on Java 2, Enterprise Edition (J2EE) security. We kept receiving questions from IBM colleagues on complicated J2EE security issues. Additionally, every time we went to a conference, researchers from various institutions approached us and asked us questions on J2EE security. One day, I got together with my colleagues Larry Koved, Anthony Nadalin, and Nataraj Nagaratnam, and we realized that a book on J2EE security was necessary. We worked very hard and in February 2004 we published the book Enterprise Java Security, which covers all the aspects of J2EE and Web Services security.
How did you go about the research necessary to write such a technical book?
Java security has been my area of research for many years now. I constantly read every scientific paper and journal article that is published on this subject and collaborate with other researchers worldwide who work on security issues. My Ph.D. thesis presented a unified mathematical model for stack- and role-based authorization systems, such as J2SE and J2EE, respectively. My daily job at IBM is to do research on Java security. Therefore, it just made sense to publish books in this area.
What are the greatest challenges to you as an author?
When I wrote my first book in 1997, I had just moved to IBM USA from IBM Italy, and even though I spoke English fluently, the greatest challenge was to write correct English! Fortunately, I was assisted by a very good team of editors. Since then, I wrote several other books and writing in English has now become more natural than writing in Italian. The greatest challenge, now, is finding the time to write. For example, I have in mind another security book that I would really love to write. The challenge will be to find the time to write it, but I am sure that I will make it happen because I am really highly motivated.
What or who inspires and encourages you to write?
My family and my Ph.D. thesis advisor, Prof. Robert J. Flynn, have been very supportive and have always encouraged me to write.
What advice do you have for aspiring authors?
It is very important to find a good publisher and good reviewers, and to reserve some time for writing every day.
Who are some of your favorite authors today?
Research keeps me very busy, so my readings are mostly technical. However, when I have some time, I like to read thrillers and science-fiction books. My favorite author is Isaac Asimov.
What role did books play in your childhood?
When I was a kid, I read a lot. I read books in Italian, Latin, ancient Greek, and English, but at that time I had no idea I would become a book author myself!
Other books by Marco Pistoia
Marco Pistoia, Nataraj Nagaratnam, Anthony Nadalin, and Larry Koved. Enterprise Java Security. ISBN 0321118898. Addison-Wesley. Reading, MA, February 2004.
Marco Pistoia, Duane F. Reller, Deepak Gupta, Milind Nagnur, and Ashok K. Ramani. Java 2 Network Security, Second Edition. ISBN 0130155926. Prentice Hall PTR. Upper Saddle River, NJ, August 1999.
Marco Pistoia, Kenji Kojima, and Narayan Raghu. Internet Security in the Network Computing Framework. ISBN 0738400653. IBM Redbooks. Research Triangle Park, NC, September 1998.
Marco Pistoia and Corinne Letilley. IBM WebSphere Performance Pack: Load Balancing with IBM SecureWay Network Dispatcher. ISBN 0738414328. IBM Redbooks. Research Triangle Park, NC, October 1999.
Marco Pistoia and Poh Yee Tiong. IBM WebSphere Performance Pack: Caching and Filtering with IBM Web Traffic Express. ISBN 073841431X. IBM Redbooks. Research Triangle Park, NC, October 1999.
Marco Pistoia, Tom Menner, Catherine Milligan, and Bobby Gia Pham. IBM WebSphere Performance Pack: Web Content Management with AFS Enterprise File System. ISBN 0738414352. IBM Redbooks. Research Triangle Park, NC, October 1999.
Marco Pistoia, Vincenzo Iovine, and Stefano Pischedda. IBM WebSphere Performance Pack Usage and Administration. ISBN 0738412163. IBM Redbooks. Research Triangle Park, NC, November 1998.
Barry Nusbaum, Thomas Liu, Marco Pistoia, and Giancarlo Rochester. Network Computing Framework for e-business Guide. ISBN 0738401072. IBM Redbooks. Research Triangle Park, NC, September 1998.
Barry Nusbaum, Marco Pistoia, Giancarlo Rochester, and Thomas Liu. Network Computing Framework Component Guide. ISBN 0738403954. IBM Redbooks. Research Triangle Park, NC, November 1997.