1 / 17

SECURE SOCKET LAYER (SSL)

By: Hassan Waqar. SECURE SOCKET LAYER (SSL). WHAT IS SECURE SOCET LAYER (SSL) ?. A PROTOCOL for securely transmitting data via the internet. NETWORK LAYER application. Developed by NETSCAPE. SSL PROTOCOL LAYERS. HOW SSL WORKS.

dirk
Télécharger la présentation

SECURE SOCKET LAYER (SSL)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. By: Hassan Waqar SECURE SOCKET LAYER (SSL)

  2. WHAT IS SECURE SOCET LAYER (SSL) ? • A PROTOCOL for securely transmitting data via the internet. • NETWORK LAYER application. • Developed by NETSCAPE.

  3. SSL PROTOCOL LAYERS

  4. HOW SSL WORKS When a web browser accesses a site secured by an SSL certificate, the following events happen: “SSL Handshake”

  5. THE SSL HANDSHAKE • Browser (client) asks the server (website) for its identity. • Server provides its SSL Certificate. • Browser examines validity of the certificate.

  6. THE SSL HANDSHAKE (cont’d) • If trusted, the browser sends confirmation to server. • The web server replies with a digitally-signed message that starts SSL-encrypted exchange of information (“session”).

  7. SSL CRYPTOGRAPHIC SYSTEM • Uses PUBLIC KEY andPRIVATE KEY to encrypt data. • Server sends the public key. • Browser (client) checks to ensure it trusts the server.

  8. SSL CRYPTOGRAPHIC SYSTEM • The private key is used to encrypt information passed to the browser, which can then be decrypted with the public key.

  9. Encryption Strength • 128-bit keys • It allows340,282,366,920,938,463,463,374,607,431,768,211,456 unique encryptions codes.

  10. SSL OBJECTIVES • Authentication between client and server: cryptographic techniques. • Ensuring data integrity. • Securing data privacy.

  11. Types of SSL Certificates • Domain Validation (DV) • For the domain to approve the CSR. • Validate domain owner and what they intend to use the domain for.

  12. Types of SSL Certificates • Organization Validation (OV) • “high assurance” certificates • ensures the identity of the domain owner • aids in identifying potential “phishing” activities.

  13. Types of SSL Certificates • Extended Validation (EV) • display the green URL bar • promise users the safest possible experience • checks the identity and confirms the authenticity.

  14. Setting up a new SSL Certificate • Admin issues a Certificate Signing Request. • CA validates information and issues SSL Certificate • Admin installs certificate on the server. • Expires within 1 to 3 years.

  15. Transport Layer Security • SSL has more recently known as Transport Layer Security(TLS).

  16. THE END

  17. References • http://www.windowsecurity.com/articles/secure_socket_layer.html • http://en.wikipedia.org/wiki/Secure_Sockets_Layer • http://www.digicert.com/ssl.htm • http://www.gordano.com/kb.htm?q=1486

More Related