Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Web Design

SSL The Secure Socket Layer protocol was created by Navigator

advertisement 
SSL
The Secure Socket Layer protocol was created by Navigator Internet browser in 1994. It is
used to ensure secure transactions between web servers and browsers. The protocol uses a third
party, a Certificate Authority (CA), to identify one end or both end of the transactions. A
browser requests a secure page (usually https ://).
How it works.
1. The web server sends its public key with its certificate.
2. The browser checks that the certificate was issued by a trusted party (usually a trusted
root CA), that the certificate is still valid and that the certificate is related to the site
contacted.
3. The browser then uses the public key, to encrypt a random symmetric encryption key
and sends it to the server with the encrypted URL required as well as other encrypted
http data.
4. The web server decrypts the symmetric encryption key using its private key and uses
the symmetric key to decrypt the URL and http data.
5. The web server sends back the requested html document and http data encrypted with
the symmetric key.
6. The browser decrypts the http data and html document using the symmetric key and
displays the information.
In Simple Way to understand:When a browser attempts to access a website that is secured by SSL, the browser and the web
server establish an SSL connection using a process called an “SSL Handshake”. Essentially,
three keys are used to set up the SSL connection: the public, private, and session keys.
Anything encrypted with the public key can only be decrypted with the private key, and vice
versa. Because encrypting and decrypting with private and public key takes a lot of processing
power, they are only used during the SSL Handshake to create a symmetric session key. After
the secure connection is made, the session key is used to encrypt all transmitted data.
SSL allows sensitive information such as credit card numbers, social security numbers, and login
credentials to be transmitted securely. Normally, data sent between browsers and web servers is
sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all
data being sent between a browser and a web server they can see and use that information. More
specifically, SSL is a security protocol. Protocols describe how algorithms should be used; in this
case, the SSL protocol determines variables of the encryption for both the link and the data being
transmitted.
Third Party CA Best Example:-
Sample
IRTC Certificate Authority: - (Mozilla Firefox)
SSL Secured HTTPS Link
Security Information of IRTC
Third Party Certificate of IRTC
Certificate Contents (validity, Subject, Encryption Algorithm Details etc..)
How to identify the link is secured or not: - (Google chrome)
Related documents
Secure Socket Layer
Secure Socket Layer
SSL Supplement - YSU Computer Science & Information Systems
SSL Supplement - YSU Computer Science & Information Systems
Digital Envelopes, Secure Socket Layer and Digital
Digital Envelopes, Secure Socket Layer and Digital
Preoperative Information - Cornerstone Animal Hospital
Preoperative Information - Cornerstone Animal Hospital
OnlineBankingSecurit..
OnlineBankingSecurit..
sampleAnswer
sampleAnswer
Report for Lab 32
Report for Lab 32
17.1 Case Study Worksheet1
17.1 Case Study Worksheet1
Security in E
Security in E
Security+ Cheat Sheet
Security+ Cheat Sheet
Security+ Cheat Sheet
Security+ Cheat Sheet
note Commentsv3 - W3C Public Mailing List Archives
note Commentsv3 - W3C Public Mailing List Archives
Nessus_short_security_report
Nessus_short_security_report
Slides
Slides
Security in Online Banking
Security in Online Banking
Properties of Secure Network Communication Secrecy:
Properties of Secure Network Communication Secrecy:
A Tutorial on Web Security for E-Commerce
A Tutorial on Web Security for E-Commerce
Subject Alternative Names (SANs) Multi-Domain Unified Communications SSL Certificates
Subject Alternative Names (SANs) Multi-Domain Unified Communications SSL Certificates
IPSec and SSL
IPSec and SSL
Word Document Copy Pack
Word Document Copy Pack
AD024-001-safe transactions (neosis)
AD024-001-safe transactions (neosis)
2. Secure Web Switch
2. Secure Web Switch
Download
advertisement