Define secure socket layer (ssl), Computer Network Security

Secure Socket Layer (SSL) accepts a combination of asymmetric and symmetric (public-key) encryption to accomplish integrity, confidentiality, authentication and non-repudiation for Internet interaction. In a nutshell SSL uses public key encryption to confidentially transmit a session key which can be needed to conduct symmetric encryption. SSL allows the public key technology to negotiate a shared session key between the server and the client. The public key is stored in an X.509 certificate that generally has a digital signature from a trusted 3rd party.

  • Client requests a document from a secure https server https://www.myapp.com.au.
  • The server gives its X.509 certificate to the client with its public key stored in the certificate.
  • The client validate whether the certificate has been issued by a CA it trusts.
  • The client checks the information in the certificate with the site's public key and domain name.
  • Client gives the server what cipher suites it has available.
  • The server obtains the strongest mutually available ciphers suite and notifies the client.
  • The client creates a session key (symmetric key or private key) and encrypts it using the server's public key and sends it to the server.
  • The server accepts the encrypted session key and decrypts it using its private key.
  • The server and client use the session key to decrypt and encrypt the data they send to each other.

 

Posted Date: 7/27/2012 6:08:46 AM | Location : United States







Related Discussions:- Define secure socket layer (ssl), Assignment Help, Ask Question on Define secure socket layer (ssl), Get Answer, Expert's Help, Define secure socket layer (ssl) Discussions

Write discussion on Define secure socket layer (ssl)
Your posts are moderated
Related Questions
ADDRESS RESOLUTION PROTOCOL (ARP) TCP/IP can use any of the three address resolution functions relaying on the addressing procedure used by the underlying hardware. To guarant

The three primary types of network protection are the same as the three primary areas where a network can be attacked. Every network needs protection against people-related, hardwa

TRANSMISSION ERRORS:  Transmission exceptions may happen due to different causes for example power surges or interference may delete data during transmission. In result of wh

INFORMATION SECURITY POLICY PRACTICES AND STANDARDS Management from all the communities of interest should consider policies as basis for all information security efforts. Polic

a) Calculate the CRC for the frame below: Frame: 1101011011 Generator: 10011 Message after appending 4 zero bits: 11010110110000 b) OSI refers to a system in which any

FIREWALL ANALYSIS TOOLS There are a number of tools automate remote discovery of firewall rules and assist the administrator in analyzing rules Administrators who feel wary of u

How much would it cost to have a project completed by tomorrow night?

Question: (a) Consider that you enter the given URL in the address bar of a popular web client and that both the client and server accepts HTTP version 1.1. i. What can be t

(a) Define what you understand by the following terms in Network Flows: i) UnDirected Path ii) Directed Path iii) Directed Cycle. iv) Tree In each of the above, expla

Problem: (a) What is the minimum length of a password that could be considered to be "strong" in the context of today's computing power? (b) The security of a PIN system,