It is highly recommend that you start with this course in the Stanford Advanced Computer Security Certificate Program. It provides the necessary fundamentals for subsequent program curriculum.
This course covers three topic areas:
Computer Security Principles explores security objectives such as authentication, authorization, access control, confidentiality, data integrity and non-repudiation. The module also covers software design principles, including the principles of least privilege, fail-safe stance and defense-in-depth.
Introduction to Cryptography discusses both symmetric encryption and public-key cryptography, discussing how they are used to achieve security goals and build PKI (Public-Key Infrastructure) systems. The module also covers DES, 3DES, AES, RC4, RSA, ECC, MD5, SHA-1, X.509, digital signatures and all cryptographic primitives necessary to understand PKI. Diffie-Hellman key exchange and man-in-the-middle attacks will also be discussed.
Secure Programming Techniques examines the threats that worms and hackers present to software and the programming techniques that developers can use to defend against software vulnerabilities, such as buffer overflows, SQL injection, and off-line dictionary attacks. The module also covers common mistakes made in using cryptographic libraries and how they can be avoided.
Computer Security Principles
Introduction to Cryptography
Secure Programming Techniques
Dan Boneh, Professor of Computer Science and of Electrical Engineering, Stanford University
Neil Daswani, Chief Information Security Officer, LifeLock