SSL
Secured Sockets Layer
Lori Fitterling LI843
What is Secure Sockets Layer
(SSL)?
It is protection of data transferred over the Internet
using encryption and enabled by a server's SSL
Certificate.
An SSL Certificate contains a public key and a private
key. A public key is used to encrypt information and a
private key is used to decipher it.
When a browser points to a secured domain,
an SSL handshake authenticates the server and
the client and establishes an encryption
method and a unique session key.
They can begin a secure session that protects
message privacy and message integrity.
SSL Does These Two Things
Authenticates the server and the client using
public- key signatures.
Provides an encrypted connection for the client
and server to exchange messages.
SSL & E-Commerce
Developed by Netscape in 1994 for transmitting private
documents
Has become the standard for e-commerce transaction
security
SSL encrypts data, like credit cards numbers and
personal information
Uses either 40-bit or 128-bit encryption
I found that 40-bit encryption has been hacked
Reasons Why You Would Use SSL
If you have an online store or accept online orders and
credit cards
If you offer a login or sign in on your site
If you process sensitive data such as address, birth date,
license, or ID numbers
If you need to comply with privacy and security
requirements
How to get an SSL Certificate
Buy one from vendor – Can run about $400.00 per year.
Or “self-sign” your own certificate using proprietary
software. Self-Signed certificates will trigger a warning
window in most browser configurations that will
indicate that the certificate was not recognized.
Example of a SSL security alert
Libraries Using SSL
White Library -- My Library Account
To comply with license agreements that only allow
access to authenticated users -- databases and
electronic journals
Websites About SSL
Media Lab:
http://medialab.di.unipi.it/doc/JNetSec/jns_ch11.htm
SSL.com Knowledgebase:
http://info.ssl.com/article.aspx?id=10241
WiseGeek: http://www.wisegeek.com/what-is-ssl.htm
Ourshop.com:
http://www.ourshop.com/resources/ssl.html
0
