Part 5 Securing service-to-service call chains
We’ve reached the final part of this book. So far, you’ve learned to use cryptography, build trust with certificates and Transport Layer Security (TLS) and authenticate users with modern identity protocols. But securing applications doesn’t stop at users. In large systems, the real challenge is keeping the services honest, proving who they are and making sure that they can do only what they’re allowed to do.
In this part, we’ll look at service identity (chapter 16), the foundation for secure service-to-service communication in a zero-trust world. Then we’ll turn to authorization at scale (chapter 17), exploring RBAC, ABAC, and ReBAC, and showing you how to choose the right model for your architecture without drowning in complexity.
This closing part ties everything together. By the end, you’ll have the tools to secure not only users but also the services and workflows that make up modern cloud-native systems. It’s a fitting way to conclude our journey from understanding the math behind cryptography all the way to building systems that stay secure at scale.