SSL - Secure Sockets Layer

By: Christine Martz

Meaning of SSL - "Secure Sockets Layer", is an encryption protocol which encodes data sent over the World Wide Web and makes it unreadable to anyone intercepting the transmission by using a public-key cryptosystem. Two keys are used to encrypt data - a public key which is known to everyone and a private or secret key, known only to the recipient of the message. SSL requires only one of the parties to have a key pair. 

SSL provides privacy, authentication, and message integrity. Netscape Navigator, Internet Explorer, as well as most other web browsers support SSL. 

The Secure Sockets Layer Protocol was developed by Netscape in 1994 in response to the growing concern over security on the Internet. SSL was originally developed for securing web browser and server communications, but the specification was designed in such a way that other applications such as Email protocols, TELNET and FTP as well any other application protocol on the Internet could also use it. 

Other Related Definitions:

“…The main role of SSL is to provide security for Web traffic. Security includes confidentiality, message integrity, and authentication. SSL achieves these elements of security through the use of cryptography, digital signatures, and certificates.” [Cisco Systems] 

“…Secure transactions are a necessity with e-commerce and sensitive corporate intranets and extranets. While many security standards are in place, SSL is the most common. The SSL standard is not a single protocol, but rather a set of accepted data transfer routines that are designed to protect the integrity of transmitted messages.” [Mary Bull - Network World] 

“…Secure Socket Layers are critical for protecting private information. Every email that you send, every website that you visit, every piece of data that leaves your computer can be seen by more than just the intended recipient unless it is securely encrypted. SSL is the protocol or standard for internet security, and working without it is akin to leaving your car unlocked in a bad neighborhood.”[Digicert Security Services]

“…Browser-based SSL alternatives require little or no software on remote PCs, and in most cases any PC with a browser can be used to make the secure connection, as long as the user can authenticate to a central server. And SSL firewall ports that the traffic uses are generally left open, so firewall reconfiguring is usually unnecessary. The idea is that SSL's simplicity translates into an easier installation and long-term cost savings because of simpler ongoing support. ” [Tim Greene - Network World] 

Related Links:

Overview of SSL - How Secure Sockets Layer Works
SSL Security - Ensuring end-to-end security with SSL
Simplified SSL - Information about Secure Sockets Layer and HTTPS
SSL Certificates - Network Security SSL Certificate FAQ
Popularity of SSL - Users adopt Secure Sockets Layer for remote access

Technical Resources:

Cisco Systems White Paper - Introduction to Secure Sockets Layer
Description of the Secure Sockets Layer (SSL) Handshake - The steps involved in the SSL handshake
SSL Tutorial - SSL processing and the basic cryptography concepts
SSL 3.0 Specification - The SSL Protocol Version 3.0

Products and Solutions:

Verisign - SSL Certificates
Open SSL - Download Opensource Toolkit

Blogs, News, Feeds, Discussion Lists:

SSL-Talk - A forum for the Secure Sockets Layer Discussion List

Books About:

SSL and TLS: Designing and Building Secure Systems - by Eric Rescorla
Network Security with OpenSSL - by John Viega 

See Also:

Other SSL Related Resources
 

(C) Copyright Birds-Eye.Net, All rights reserved.
It is against the law to reproduce this content or any portion of it in any form without the explicit written permission of Birds-Eye Network Services, LLC. Federal copyright law (17 USC 504) makes it illegal, punishable with fines up to $100,000 per violation plus attorney's fees.