Guidelines on Securing Public Web Servers
of encryption. Patents and licensing issues may affect which commercial encryption schemes
can be used. Common factors that influence the choice of encryption algorithm are as follows:
Required security
  Value of the data (to either the organization and/or other entities; the more valuable the data, the stronger the required encryption)
  Time value of data (if data are valuable but for only a short time period [e.g., days as opposed to years], then a weaker encryption algorithm can be used; for example, passwords that are changed daily, because the encryption needs to protect the password for only a 24-hour period)
  Threat to data (the higher the threat level, the stronger the required encryption)
  Other protective measures that are in place and that may reduce the need for stronger encryption (for example, using protected methods of communication, such as dedicated circuits as opposed to the public Internet)
Required performance (higher performance requirements may require procurement of additional system resources, such as a hardware cryptographic accelerator, or necessitate weaker encryption)
System resources (fewer resources [e.g., processing, memory] may necessitate weaker encryption)
Import, export, or usage restrictions
Encryption schemes supported by the Web server application
Encryption schemes supported by the Web browsers of expected users.
7.5.5 Implementing SSL/TLS
A digital signature is needed to implement SSL/TLS on a Web server. A certificate, which is the digital equivalent of an ID card, is used in conjunction with a public key encryption system. Certificates can be issued by trusted third parties, known as Certificate Authorities (CAs), or can be self-signed. Organizational requirements determine which approach is used.
Although the sequence of steps is not identical for all Web servers, the implementation of a third-party-signed certificate for a Web server generally includes at least three steps:
Generating and submitting a certificate signing request (CSR)
Picking up a signed SSL/TLS certificate from a CA
Installing the certificate and configuring the Web server to use SSL/TLS for any specified resources.
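The first of the three steps above, as an added example that is not part of the guideline: generating a server private key and a CSR with the OpenSSL command-line tool, then checking the CSR before it is submitted to a CA and confirming that it matches the key that will later be installed with the signed certificate. The hostname www.example.test, the organization name and the output paths are placeholders; openssl (1.1.1 or later, for -addext) is assumed to be on PATH.

```shell
#!/bin/sh
# Added example: key + CSR generation and pre-submission checks with OpenSSL.
# Placeholders: hostname www.example.test, organization "Example Org", paths under $1.
set -e

# Generate an ECDSA P-256 private key and a CSR whose subject CN and DNS SAN
# both carry the server hostname.  $1 = output directory, $2 = hostname.
gen_csr() {
    dir="$1"; host="$2"
    mkdir -p "$dir"
    # The private key never leaves the server; create it unreadable to others.
    umask 077
    openssl ecparam -name prime256v1 -genkey -noout -out "$dir/server.key"
    openssl req -new -key "$dir/server.key" -out "$dir/server.csr" \
        -subj "/C=US/O=Example Org/CN=$host" \
        -addext "subjectAltName=DNS:$host"
}

# Check a CSR before sending it to the CA: the self-signature must verify, and
# the hostname must appear as the subject CN and as a DNS SAN (browsers match
# on the SAN, so a CN-only request yields a certificate they will reject).
# $1 = CSR file, $2 = expected hostname.  Returns 0 if all checks pass.
check_csr() {
    csr="$1"; host="$2"
    openssl req -in "$csr" -noout -verify >/dev/null 2>&1 || return 1
    text=$(openssl req -in "$csr" -noout -text)
    printf '%s\n' "$text" | grep -q "CN *= *$host" || return 1
    printf '%s\n' "$text" | grep -q "DNS:$host" || return 1
    return 0
}

# Confirm the CSR was built from the given private key by comparing public
# keys; the same check applies later to the certificate returned by the CA.
# $1 = private key file, $2 = CSR file.  Returns 0 if they match.
key_matches_csr() {
    a=$(openssl pkey -in "$1" -pubout 2>/dev/null)
    b=$(openssl req -in "$2" -pubkey -noout 2>/dev/null)
    [ -n "$a" ] && [ "$a" = "$b" ]
}
```

After check_csr passes, server.csr is what gets submitted to the CA; server.key stays on the server, readable only by the account that starts the Web server.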
A CSR consists of three parts:
Certification request information