Download - Lori Fitterling LI843
Lori Fitterling LI843
SSLSecured Sockets Layer
What is Secure Sockets Layer (SSL)?
It is protection of data transferred over the Internet using encryption and enabled by a server's SSL Certificate.
An SSL Certificate contains a public key and a private key. A public key is used to encrypt information and a private key is used to decipher it.
When a browser points to a secured domain, an SSL handshake authenticates the server and the client and establishes an encryption method and a unique session key.
They can begin a secure session that protects message privacy and message integrity.
SSL Does These Two ThingsAuthenticates the server and the client
using public- key signatures.
Provides an encrypted connection for the client and server to exchange messages.
Developed by Netscape in 1994 for transmitting private documents
Has become the standard for e-commerce transaction security
SSL encrypts data, like credit cards numbers and personal information
Uses either 40-bit or 128-bit encryptionI found that 40-bit encryption has been hacked
SSL & E-Commerce
Reasons Why You Would Use SSL
If you have an online store or accept online orders and credit cards
If you offer a login or sign in on your site If you process sensitive data such as address,
birth date, license, or ID numbers If you need to comply with privacy and
security requirements
Buy one from vendor – Can run about $400.00 per year.
Or “self-sign” your own certificate using proprietary software. Self-Signed certificates will trigger a warning window in most browser configurations that will indicate that the certificate was not recognized.
How to get an SSL Certificate
Example of a SSL security alert
Libraries Using SSLWhite Library -- My Library Account To comply with license agreements that only allow access to authenticated users -- databases and electronic journals
Websites About SSLMedia Lab:
http://medialab.di.unipi.it/doc/JNetSec/jns_ch11.htm
SSL.com Knowledgebase: http://info.ssl.com/article.aspx?id=10241
WiseGeek: http://www.wisegeek.com/what-is-ssl.htm
Ourshop.com: http://www.ourshop.com/resources/ssl.html