4.3 Secure Sockets Layer (SSL)
Secure Sockets Layer (SSL) [72], which operates between the HTTP and TCP
network layers, is the most popular tool for providing a secure channel between a client
and a Web server. In particular, most Web servers and data centers supporting e-commerce
applications deploy SSL to provide enhanced security for Web traffic. In 1999, SSL was
adopted by the Internet Engineering Task Force (IETF) as a standard and renamed
Transport Layer Security (TLS) [4, 72]. SSL is composed of two components:
a handshaking procedure and a bulk data encryption procedure.
Fig. 4.1. The SSL Protocol (figure: message flow between Client and Server. Authenticating server: Client Hello; Server Hello, Server Certificate, ServerHelloDone. Authenticating client (optional): Client Certificate. Client Key Exchange; End of Negotiation; Data Transfer (Encrypted))
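The message order of Fig. 4.1, as an added toy walk-through that is not part of the original text: both sides of the handshake are simulated with the standard library only, and a deliberately tiny Diffie-Hellman exchange (constructed group, not a real TLS key exchange) stands in for the certificate-based asymmetric key agreement; the cipher names are sample values.

```python
"""Toy walk-through of the SSL handshake order in Fig. 4.1 (constructed example).
Stdlib only; the key exchange is a tiny Diffie-Hellman stand-in for the
certificate-based asymmetric exchange, not a real TLS implementation."""
import hashlib
import hmac
import secrets

P, G = 2**127 - 1, 3  # toy DH group (Mersenne prime); far too small for real use
ORDER = ["ClientHello", "ServerHello", "ServerCertificate", "ServerHelloDone",
         "ClientCertificate", "ClientKeyExchange", "EndOfNegotiation", "Data"]
OPTIONAL = {"ClientCertificate"}  # client authentication is optional in the figure


def check_order(transcript):
    """True if messages appear in Fig. 4.1 order, skipping only optional ones,
    and the negotiation actually completes (no data before key exchange)."""
    pos = -1
    for msg in transcript:
        i = ORDER.index(msg)  # unknown message names raise ValueError
        if i <= pos or any(m not in OPTIONAL for m in ORDER[pos + 1:i]):
            return False
        pos = i
    return pos >= ORDER.index("EndOfNegotiation")


def derive_key(shared, client_random, server_random, cipher):
    """Session key bound to both hello randoms and the negotiated cipher."""
    secret = shared.to_bytes(16, "big")  # shared < P < 2**128
    return hmac.new(secret, client_random + server_random + cipher.encode(),
                    hashlib.sha256).digest()


def handshake(client_ciphers, server_ciphers, client_cert=False):
    """Simulate both sides; return (transcript, chosen cipher, client key, server key)."""
    transcript = ["ClientHello"]  # carries client random + offered cipher list
    client_random = secrets.token_bytes(32)
    chosen = next((c for c in client_ciphers if c in server_ciphers), None)
    if chosen is None:  # no common cipher: negotiation aborts here
        return transcript, None, None, None
    server_random = secrets.token_bytes(32)
    server_priv = secrets.randbelow(P - 2) + 2
    server_pub = pow(G, server_priv, P)  # stands in for the certificate's public key
    transcript += ["ServerHello", "ServerCertificate", "ServerHelloDone"]
    if client_cert:
        transcript.append("ClientCertificate")
    client_priv = secrets.randbelow(P - 2) + 2
    client_pub = pow(G, client_priv, P)
    transcript.append("ClientKeyExchange")  # client's contribution to the session key
    client_key = derive_key(pow(server_pub, client_priv, P), client_random, server_random, chosen)
    server_key = derive_key(pow(client_pub, server_priv, P), client_random, server_random, chosen)
    transcript.append("EndOfNegotiation")
    return transcript, chosen, client_key, server_key
```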
The handshaking procedure is triggered when a connection is initiated between a Web
server and a client [72]. During this phase, the server and the client authenticate each other
and negotiate encryption algorithms and the required session keys using an asymmetric key