What is Secure Sockets Layer (SSL) and How it Works
What is Secure Sockets Layer (SSL) and How it Works
Secure Sockets Layer (SSL) is the most widely used technology for providing a secure communication between the web client and the web server. Most of us are familiar with many sites such as Gmail, Yahoo etc. using https protocol in their login pages. When we see this, we may wonder what’s the difference between http and https.
In simple words, a HTTP protocol is used for standard communication between the Web server and the client. HTTPS is used for a “Secure communication”.
Working of HTTP:
When A sends a message to B, the message is sent as a plain text in an unencrypted manner. This is acceptable in normal situations where the messages exchanged are not confidential. But, imagine a situation where A sends a PASSWORD to B. In this case, the password is also sent as a plain text. This has a serious security problem because, if an intruder (hacker) can gain unauthorized access to the ongoing communication between Aand B , he can easily obtain the PASSWORDS, since they remain unencrypted
Now let us see the working of HTTPS:
When A sends a PASSWORD (say “mypass“) to B, the message is sent in an encrypted format. The encrypted message is decrypted on B‘s side. So, even if the Hacker manages to gain an unauthorised access to the ongoing communication between A and B he gets only the encrypted password (“xz54p6kd“) and not the original password.
How is HTTPS implemented?
HTTPS is implemented using Secure Sockets Layer (SSL). A website can implement HTTPS by purchasing an SSL Certificate. Secure Sockets Layer (SSL) technology protects a Web site and makes it easy for the site visitors to trust it. It has the following uses:
An SSL Certificate enables encryption of sensitive information during online transactions.
Each SSL Certificate contains unique and authenticated information about the certificate owner.
A Certificate Authority verifies the identity of the certificate owner when it is issued.
How Encryption Works?
The whole concept of Secure Sockets Layer is implemented on the basis of RSA algorithm where each SSL Certificate consists of a Public key and a Private key. The public key is used to encrypt the information and the private key is used to decrypt it. When your browser connects to a secure domain, the server sends a Public key to the browser to perform the encryption. The public key is made available to everyone but the private key(used for decryption) is kept secret. So, during a secure communication, the browser encrypts the message using the public key and sends it to the server. This message is decrypted on the server side using the Private key(Secret key).
How to Identify a Secure Connection?
In the Internet Explorer and most other browser programs like Firefox or Google Chrome, you will see a lock icon in the Security Status bar. The Security Status bar is located on the right side of the Address bar. You can click the lock to view the identity of the website.
In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns GREEN when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning and the status bar may turn RED.
So, the bottom line is, whenever you perform an online transaction such as Credit card payment, Bank login or Email login always ensure that you have a secure communication. A secure communication is a must in these situations. Otherwise there are chances of a Phishing attack using a fake login page.
Secure Sockets Layer (SSL) is the most widely used technology for providing a secure communication between the web client and the web server. Most of us are familiar with many sites such as Gmail, Yahoo etc. using https protocol in their login pages. When we see this, we may wonder what’s the difference between http and https.
In simple words, a HTTP protocol is used for standard communication between the Web server and the client. HTTPS is used for a “Secure communication”.
Working of HTTP:
When A sends a message to B, the message is sent as a plain text in an unencrypted manner. This is acceptable in normal situations where the messages exchanged are not confidential. But, imagine a situation where A sends a PASSWORD to B. In this case, the password is also sent as a plain text. This has a serious security problem because, if an intruder (hacker) can gain unauthorized access to the ongoing communication between Aand B , he can easily obtain the PASSWORDS, since they remain unencrypted
Now let us see the working of HTTPS:
When A sends a PASSWORD (say “mypass“) to B, the message is sent in an encrypted format. The encrypted message is decrypted on B‘s side. So, even if the Hacker manages to gain an unauthorised access to the ongoing communication between A and B he gets only the encrypted password (“xz54p6kd“) and not the original password.
How is HTTPS implemented?
HTTPS is implemented using Secure Sockets Layer (SSL). A website can implement HTTPS by purchasing an SSL Certificate. Secure Sockets Layer (SSL) technology protects a Web site and makes it easy for the site visitors to trust it. It has the following uses:
An SSL Certificate enables encryption of sensitive information during online transactions.
Each SSL Certificate contains unique and authenticated information about the certificate owner.
A Certificate Authority verifies the identity of the certificate owner when it is issued.
How Encryption Works?
The whole concept of Secure Sockets Layer is implemented on the basis of RSA algorithm where each SSL Certificate consists of a Public key and a Private key. The public key is used to encrypt the information and the private key is used to decrypt it. When your browser connects to a secure domain, the server sends a Public key to the browser to perform the encryption. The public key is made available to everyone but the private key(used for decryption) is kept secret. So, during a secure communication, the browser encrypts the message using the public key and sends it to the server. This message is decrypted on the server side using the Private key(Secret key).
How to Identify a Secure Connection?
In the Internet Explorer and most other browser programs like Firefox or Google Chrome, you will see a lock icon in the Security Status bar. The Security Status bar is located on the right side of the Address bar. You can click the lock to view the identity of the website.
In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns GREEN when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning and the status bar may turn RED.
So, the bottom line is, whenever you perform an online transaction such as Credit card payment, Bank login or Email login always ensure that you have a secure communication. A secure communication is a must in these situations. Otherwise there are chances of a Phishing attack using a fake login page.
Local seo Florida
ReplyDeleteI am Abd Raaz and I specialize in local SEO and offered local seo in Florida. We are working with many public
and individual companies in Florida. Mainly we are offer for ranking the local business on Google top results.
As for local seo in Florida we are working with Law firms, Dentists, Roofing companies, contractors, Hotels,
Chiropractors and many others companies. So, as for best and high quality Services you can contact us 24/7
and we are ready to assist you. And “0” (zero charge) we will show you the audit report of your websites as well.
So, visit our website and contact us for any business local seo services in Florida.
Freelance SEO services
ReplyDeleteWow you did really a great job.I enjoyed your blog as well as I would love to read this
blog regularly, thanks for publishing this kind of content.Keep up the great work.