Secure Socket Layer provides security services by encrypting the data exchanged between the server and the client with an algorithm symmetric encryption, typically the RC4 or IDEA, and encrypting the session key RC4 or IDEA using an encryption algorithm public key, typically the RSA.
Origin Of Secure Socket Layer
Secure Socket Layer is a set of protocols general character designed in 1994 by the company Netscape Communications Corporation and is based on the combined application of Symmetric Cryptography, Cryptography Asymmetric (public key), digital certificates and digital signatures for a channel or secure means of communication over the Internet.
Symmetric cryptographic systems, the main engine for encrypting data transferred in communication, take advantage of the speed of operation, while asymmetric systems are used for the secure exchange of symmetric keys, thereby solving the problem of confidentiality. in data transmission.
Process Of Secure Socket Layer
When connected to a secure server ( https: // www … ), browsers warn of this circumstance by means of a yellow padlock on the bottom partner and also allow to check the information contained in the digital certificate that enables it as a secure server. SSL allows collecting data such as credit card information, etc. in a secure environment since the information sent through a secure form is transmitted to the server in encrypted form.
SSL implements a negotiation protocol to establish a secure communication at the socked level (machine name plus port), transparently to the user and the applications that use it.
When the client asks the secure server for secure communication, the server opens an encrypted port, managed by a software called the SSL Record Protocol, located above TCP. The top-level software, SSL Handshake Protocol, will use the SSL Record Protocol and the open port to communicate securely with the client.
Also Read: Definition Of Gadget – History Of Gadget, Examples & Know About Top 10 Gadgets
General characteristics Of Secure Socket Layer
- SSL implements a negotiation protocol to establish a secure communication at the socked level (machine name plus port), transparently to the user and the applications that use it.
- The identity of the secure web server (and sometimes also of the client user) is obtained by means of the corresponding Digital Certificate, of which its validity is verified before starting the exchange of sensitive data (Authentication), while the security of data integrity exchanged, the Digital Signature is carried out through hash functions and the checking of summaries of all the data sent and received.
- SSL provides security services to the protocol stack, encrypting outgoing data from the Application layer before they are segmented into the Transport layer and encapsulated and sent by the lower layers. What’s more, you can also apply compression algorithms to the data to send and fragment blocks larger than 214 bytes, re-assembling them at the receiver.
- The identity of the secure web server (and sometimes also of the client user) is obtained by means of the corresponding Digital Certificate, of which its validity is verified before starting the exchange of sensitive data (Authentication), while the security of data integrity exchanged, the Digital Signature is carried out through hash functions and the checking of summaries of all the data sent and received.
- Its implementation in the OSI and TCP / IP reference models, SSL is introduced as a kind of additional layer or layer, located between the Application Layer and the Transport layer, replacing the sockets of the operating system, which makes it independent of the application that uses it, and it is generally implemented on port 443.
Also Read: Concept Of Gmail – History, Characteristics & Know More About Gmail