Rezwan Ahmed & His Team || Software Engineer || CMS Developer | Contents Writer | Graphics Designer |

Archive for October 28, 2015

SSL Protocol : Access Securing TCP Connections


Secure-Socket-Layer-parsdata

How cryptographic techniques can provide confidentiality, data integrity, and end-point authentication to a specific application, namely, e-mail.

Cryptographic techniques can provide confidentiality, data integrity, and end-point authentication to a specific application, namely, e-mail. In this section, we’ll drop down a layer in the protocol stack and examine how cryptography can enhance TCP with security services, including confidentiality, data integrity, and end-point authentication. This enhanced version of TCP is commonly known as Secure Sockets Layer (SSL).

A simplified version of SSL, one that will allow us to get a big-picture understanding of the why and how of SSL. We will refer to this simplified version of SSL as “almost-SSL.”

Almost-SSL (and SSL) has three phases: handshake, key derivation, and data transfer.

How cryptography can enhance TCP with security services, including confidentiality, data integrity, and end-point authentication. This enhanced version of TCP is commonly known as Secure Sockets Layer (SSL). A slightly modified version of SSL version 3, called Transport Layer Security (TLS), has been standardized by the IETF [RFC 4346].

The SSL protocol was originally designed by Netscape, but the basic ideas behind securing TCP had predated Netscape’s work. how cryptography can enhance TCP with security services, including confidentiality, data integrity, and end-point authentication. This enhanced version of TCP is commonly known as Secure Sockets Layer (SSL). A slightly modified version of SSL version 3, called Transport Layer Security (TLS), has been standardized by the IETF [RFC 4346].

Security

The SSL protocol addresses these issues by enhancing TCP with confidentiality, data integrity, server authentication, and client authentication.
SSL protocol is often used to provide security to transactions that take place over HTTP.

SSL provides a simple Application Programmer Interface (API) with sockets, which is similar and analogous to TCP’s API. When an application wants to employ SSL, the application includes SSL classes/libraries. As shown in Figure 8.24, although SSL technically resides in the application layer, from the developer’s perspective it is a transport protocol that provides TCP’s services enhanced with security services.

October 28, 2015 | Categories: Access Securing TCP Connections: SSL Protocol, NeTWORK TeCHNOLOGY :: | Tags: | Leave a comment