¶ … Secure Sockets Layer (SSL) is defined by Techtarget (2010) as a common employed protocol used for the management of security of information being transmitted over the internet. SSL has been recently succeeded by the Transport Layer Security (TLS), a protocol that is based on SSL. SSL operates on the program layer that is located between the Transport Control Layer (TCP) and then Hypertext Transfer Protocol. PCI (2008) referred to SSL as the established industry standard that is used in the encryption of the channel between a given web browser and an appropriate web server in order to ensure that there is privacy and reliability in the information that is being transmitted over the given channel.
SSL is basically included as part of the web browsers as well as Web servers. Patel (2008,p.223) indicated that the SSL protocol was originally developed by Netscape in order to ensure that the security of information that is being transmitted as well as routed via HTTP,POP3 or LDAP was assured.The protocol had since then been adopted by Microsoft as well as other client/server developers as the de facto standard prior to its evolution into Transport Layer Security (TLS).The "sockets" in the term is used to refer to the sockets method of data transmission to and from a client/server-based program in a network or even between various program layers in a common, same computer. SSL employs public -- and private key encryption system from the RSA and includes the application of a digital certificate.
How SSL works
According to Patel (2008,p.223), SSL is specially designed in order to employ TCP as its communication layer so as to provide a reliable, secure and authenticated end-to-end connection between two different points over a given network.
The Objectives of SSL
Onyszko (2004) outlines the basic objectives as well as architecture of SSL. The first objective of SSL is to authenticate a client and server against each other. It does this by providing and supporting the use of standard key cryptographic techniques (otherwise known as public key encryption) in authenticating the communication between two parties. The second objective is to ensure integrity of the data being transmitted. The third objective is to secure the privacy of data being transmitted. The data is secured against interception.
SSL is noted never to be a single protocol but rather comprises of a set of protocol that can be divided into two layers (Onyszko,2004). The first protocol is the one that ensures that there is data integrity and security. This layer is made up of SSL Record Protocol. The second layer comprises of protocols that are designed in order to ensure that an SSL connection is successfully established.It comprises of the SSL Handshake protocol, SSL Change Cipher Spec Protocol as well as the SSL Change Cipher Spec Pprotocol (Onyszko,2004).
Figure 1: SSL protocol and the layers within which it operates (Source: )
Source (Onyszko,2004).
Authentication options
GeoCerts (2011) indicated that there are basically two main types of SSL certificate authentication. The full-authentication and the domain authentication. The full authentication contains the domain name, legal business name, geographical location information e.g city and state as well as the country in which a given business is registered.
You’re 85% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.