SSL(Secure Socket Layer)

Guided By:- Presented By:-

Richard Sinn Jimmy Mehta

005239638

Agenda

• Introduction

• Objectives of SSL

• Protocols in SSL

• Working of SSL

• Working of Digital Certificate and Public Key in SSL

• Constraints and Advantages

• Conclusion

Introduction

• SSL mainly used for providing security on Web.

• It is originally developed by Netscape.

• Use Key algorithm and Digital SignaturePublic Key AlgorithmPrivate Key Algorithm

• Verisign and Geotrust plays the role of Digital Certificate Provider

• SSL gives security Assurance to both Party(Client and Server)

Objectives

• Authentication of Client and Server

• Ensure Data Integrity

• Securing Data Privacy

Protocols working under SSL

1 ---- Handshake Protocol 2 ---- Record Protocol 3 ---- Alert protocol

ClientServer

1

2

3

Working Of SSL

ClientServer

Client Sends Message to yelp.com Server

Yelp.com Server also sends message back to the client

Public and Private key identification

Hash Negotiation

Client make reqest for DATA

Yelp.com sends data to client

Working Of Digital Signature in Context to SSL

•Working as a Permission Pass

•Issues certificate to identify the person and also public key

Contains Various Information

• Owner’s Name

•Certificate Authorities Name

•Owner’s public Key

•Time Period Of Certificate Validation

Sample of Digital certificate

Advantages

• SSL provide certificate to both client and server.

• Helps to increase the business value.

• All information are encrypted so data can not be tempered.

• Give confidence in context to secure data and trustfulness of data

Constraints

• SSL providing security on point to point way , In current situation there are lot of intermediate nodes.

• In SSL, each connection requires different connection Line and certificate termination problem.

• Sometimes browser version creates the problem.

Conclusion

• SSL is the most active security agent in the era of Internet.

• From 10,0000 feet View SSL established secure channel between client and server and make synchronization between them and assure that data are passed in secure way.

Reference

• Tomasz O, (Jul 19, 2002), “Authentication,Access Control & Encryption”, Retrieved November 18, 2007, from http://www.windowsecurity.com/articles/Secure_Socket_Layer.html

• Cisco Systems , “Introduction to Secure Sockets Layer”, Retrieved November 25, 2007,from http://www.cisco.com/warp/public/cc/so/neso/cxne/cxdimng/wpsot_wp.pdf

• Sun documentation, “Introduction to SSL”, Retrieved November 29, 2007, from

http://docs.sun.com/source/816-6156-10/contents.htm