Security & Encryption
From cryptography fundamentals to privacy protection—a comprehensive security knowledge system.
Prerequisites
Requires networking and OS fundamentals (Vol 3-4) and knowledge of the HTTP protocol.
Completion mark: Understand symmetric/asymmetric encryption principles, the PKI system, web security attacks & defenses, OS security mechanisms, the SDL process, DevSecOps, and software supply chain security.
Chapter 1: Cryptography Basics Complete
AES-GCM, RSA/OAEP, SHA-256, ECDH, Argon2—the encryption toolbox.
Chapter 2: PKI & Certificates Complete
X.509, certificate chains, ACME/Let's Encrypt, CT logs.
Chapter 3: Authentication & Authorization Complete
JWT, OAuth 2.0 + PKCE, OIDC, MFA/TOTP/WebAuthn.
Chapter 4: Web Security Complete
SQL injection/XSS/CSRF/SSRF, OWASP Top 10 2021, CSP.
Chapter 5: Operating System Security Complete
DAC/MAC, Linux Capabilities, SELinux/AppArmor, seccomp.
Chapter 6: Network Security Complete
iptables/nftables, IDS/IPS, WireGuard VPN, Zero Trust.
Chapter 7: Application Security & SDL Complete
SDL 7 phases, STRIDE, SAST/DAST/SCA, vulnerability response.
Chapter 8: Privacy & Data Protection Complete
GDPR, anonymization, differential privacy, data lifecycle management.
Chapter 9: DevSecOps—Shifting Security Left in the Pipeline Complete
SSDF, SAST/DAST/SCA integration, secrets management, container signing, Policy as Code.
Chapter 10: Software Supply Chain Security—SBOM, Signing & Building Trust Complete
SBOM, SLSA L1-L4, dependency governance, Sigstore/Cosign, build integrity.
This volume has 10 chapters, all complete.