Define secure socket layer (ssl), Computer Network Security

Assignment Help:

Secure Socket Layer (SSL) accepts a combination of asymmetric and symmetric (public-key) encryption to accomplish integrity, confidentiality, authentication and non-repudiation for Internet interaction. In a nutshell SSL uses public key encryption to confidentially transmit a session key which can be needed to conduct symmetric encryption. SSL allows the public key technology to negotiate a shared session key between the server and the client. The public key is stored in an X.509 certificate that generally has a digital signature from a trusted 3rd party.

  • Client requests a document from a secure https server https://www.myapp.com.au.
  • The server gives its X.509 certificate to the client with its public key stored in the certificate.
  • The client validate whether the certificate has been issued by a CA it trusts.
  • The client checks the information in the certificate with the site's public key and domain name.
  • Client gives the server what cipher suites it has available.
  • The server obtains the strongest mutually available ciphers suite and notifies the client.
  • The client creates a session key (symmetric key or private key) and encrypts it using the server's public key and sends it to the server.
  • The server accepts the encrypted session key and decrypts it using its private key.
  • The server and client use the session key to decrypt and encrypt the data they send to each other.

 


Related Discussions:- Define secure socket layer (ssl)

Ping command , In the early days when there were some dozen computers machi...

In the early days when there were some dozen computers machine on the network, it was done individually but now as we have looked that there are millions of computers on the intern

Explain about security aware protocols, Q. Explain about Security aware pro...

Q. Explain about Security aware protocols? The security-Aware ad hoc Routing (SAR) protocol based on the security attributes integrated into the ad hoc route discovery provides

Develop firewall rules, Question requires you to develop firewall rules bas...

Question requires you to develop firewall rules based on a fictitious organisation. Scenario: You work for a security-conscious company, xC-Cure, who develop encryption tec

Explain the concept behind digital signature, Question: a) Differenti...

Question: a) Differentiate between ‘Gross Settlement' and ‘Multilateral Net Settlement' providing suitable examples where necessary to support your answer. b) Differentia

What type of rfid tag is more appropriate for ws-pass, Consider the followi...

Consider the following case study: In order to avoid criticisms of their existing manned road-toll payment system on its private road, WS-Pass has decided to adopt an automated

Cryptography, hi have a look and tell me if u can do it. if u can do Q1then...

hi have a look and tell me if u can do it. if u can do Q1then i will allow u to do Q2

The Security Systems Development Life Cycle (SecSDLCtle.., #Under what circ...

#Under what circumstances would the use of a SecSDLC be more appropriate than an SDLC?

Threat identification-risk management, Threat Identification After ident...

Threat Identification After identifying and performing a primary classification of an organization’s information assets, the analysis phase moves onto an examination of threats

Ucsf medical center case study-information security, Example : UCSF Medical...

Example : UCSF Medical Center In the year 2002, the University of California, San Francisco (UCSF) Medical Center received an email message from someone who claimed to be a doct

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd