Define secure socket layer (ssl), Computer Network Security

Assignment Help:

Secure Socket Layer (SSL) accepts a combination of asymmetric and symmetric (public-key) encryption to accomplish integrity, confidentiality, authentication and non-repudiation for Internet interaction. In a nutshell SSL uses public key encryption to confidentially transmit a session key which can be needed to conduct symmetric encryption. SSL allows the public key technology to negotiate a shared session key between the server and the client. The public key is stored in an X.509 certificate that generally has a digital signature from a trusted 3rd party.

  • Client requests a document from a secure https server https://www.myapp.com.au.
  • The server gives its X.509 certificate to the client with its public key stored in the certificate.
  • The client validate whether the certificate has been issued by a CA it trusts.
  • The client checks the information in the certificate with the site's public key and domain name.
  • Client gives the server what cipher suites it has available.
  • The server obtains the strongest mutually available ciphers suite and notifies the client.
  • The client creates a session key (symmetric key or private key) and encrypts it using the server's public key and sends it to the server.
  • The server accepts the encrypted session key and decrypts it using its private key.
  • The server and client use the session key to decrypt and encrypt the data they send to each other.

 


Related Discussions:- Define secure socket layer (ssl)

Routing table, ROUTING TABLE For efficiency, information about forward...

ROUTING TABLE For efficiency, information about forwarding is saved in a routing table, which is started at system initialization and must be updated as network topology modif

Discuss five alternative testing techniques, QUESTION Testing of a Busi...

QUESTION Testing of a Business Continuity Plan (BCP) does not need to be costly or to interrupt the daily operations of the business. The result of the test should also be look

Legal, LEGAL, ETHICAL AND PROFESSIONAL ISSUES To minimize liabilities an...

LEGAL, ETHICAL AND PROFESSIONAL ISSUES To minimize liabilities and reduce risks, information security practitioner should: •    to understand current legal environment •    to s

Illustrate the label switching procedure in an mpls network, QUESTION ...

QUESTION a) Explain the terms traffic engineering, class-based queuing, shaping and grooming in an MPLS network. b) Using an example topology, illustrate the label swi

Unguided media, Unguided Media This is the wireless media that transfe...

Unguided Media This is the wireless media that transfer electromagnetic waves without using a physical media. Waves are broadcast through the air. This is performing through r

Ids deployment overview, IDS Deployment Overview The decision regarding ...

IDS Deployment Overview The decision regarding control strategies, decisions about where to locate elements of intrusion detection systems is an art in itself. Planners should s

Direct sequence modulation, Question 1 a) Provide three advantages of ...

Question 1 a) Provide three advantages of using optical fiber. b) Distinguish between "Direct Sequence Modulation" and "Frequency Hopping" c) Decribe the purpose of using "

Cost benefit analysis (cba)-information security, Cost Benefit Analysis (CB...

Cost Benefit Analysis (CBA) The common approach for information security controls is economic feasibility of implementation. CBA is begun by evaluating the worth of assets which

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd