
The Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Updated on May 29, 2014


Ever wondered what they are, and where, how and when they are used?

In the modern world, the effects of technological advancement are unavoidable, and new technologies appear every year. Because of these advancements, transactions carried out over the internet are constantly threatened by cyber theft. Millions of pieces of important data are being accessed by unauthorized individuals, and such cybercrimes threaten the security of online network users. Security protocols therefore exist to safeguard messages sent over the internet and to prevent unauthorized access to important data in transit. Examples of security protocols include the Secure Socket Layer (SSL), 3D Secure and Transport Layer Security (TLS).

The Secure Socket Layer (SSL)

The Secure Socket Layer is a security protocol used to secure messages transmitted over the internet. Many websites use it to protect their clients' sensitive information. The secured areas of a website include clients' accounts and online checkouts that involve online transfers of money. The Secure Socket Layer protocol safeguards the customer's information by encrypting the data. It is most commonly used with HTTP on the web, and it is also used to secure other protocols such as SMTP and NNTP. SMTP is a security protocol used to secure data sent via emails (Entrust Solutions, 2007). The early versions of SSL secured data with 40-bit encryption; later versions advanced to encryption stronger than 120 bits.

To understand how the Secure Socket Layer works, it helps to look at the steps involved at each stage of data protection. SSL relies on digital certificates to work. When a browser tries to access a website protected by SSL, the browser requests the identity of the server. In response, the server sends its digital certificates to the browser for verification (Martin, 2002). After the browser receives a copy of the website's certificates, it checks their authenticity and responds accordingly (Entrust Solutions, 2007). If the browser finds that the digital certificates provided by the server are false or unverifiable, it sends a message telling the server that its certificates could not be verified. If the browser succeeds in verifying the server's certificates, it sends a digitally signed acknowledgment to the server, and the server and the browser can then begin an SSL-encrypted session. Beginning an SSL-encrypted session means that the information shared between the browser and the server is protected: it can be neither accessed nor changed by third parties. The process of exchanging and verifying digital certificates between the server and the browser is known as a handshake. It only occurs when the server receives a copy of the digitally signed certificate from the browser.

To secure online data effectively, the strength of the encryption matters a great deal. Some security professionals mistakenly believe that the strength of the encryption certificate determines the strength of the security protocol. However, in SSL, the capabilities of the browser and the server, and the session they negotiate, determine the strength of the encryption (Martin, 2002). If the browser is limited to 40-bit encryption, then a 40-bit session will be established. The same applies when the browser is limited to 128-bit encryption. Additionally, the strength of the encryption increases with the number of encryption bits that both the browser and the server can accommodate (Star-field Technologies Secure Certificate Services, n.d.). For example, when both the server and the browser are limited to 128-bit encryption, an encryption session limited to 256 bits will be established. Therefore, the capabilities of both the server and the browser determine the strength of the encryption.

The Transport Layer Security (TLS)

Transport Layer Security (TLS) is the successor of the Secure Socket Layer (SSL). It is among the cryptographic protocols used to secure online communications. Like SSL, TLS secures data transmitted over the internet by encrypting it. TLS uses PKI certificates, secure hash functions and digital signatures to secure online messages (Hellner et al., 2011). Through these mechanisms, TLS prevents online data from being intercepted and changed. It also prevents a website's passwords from being altered and the security of the whole system from being compromised.

Because of its advanced ways of protecting data, the Transport Layer Security protocol has diverse uses, all of them directed at providing data security. Firstly, TLS is used to enhance the security of web servers. When used on a server, TLS secures the information communicated between the server and the browser by encrypting it (HSBC Holdings, 2011). It encrypts the data at one end, either the server or the browser, and decrypts it for the recipient after the right authentication. There are two ways of determining whether a website is secured. Websites secured by TLS show a green padlock symbol at the bottom of the browser window (Singh and Huhns, 2005). Alternatively, the URL in the browser begins with https instead of http.

Secondly, TLS is also used to secure directory servers, mail servers and database servers. When securing mail servers, the TLS protocol encrypts email messages and decrypts them before delivering them to the target email addresses. Thirdly, TLS is used to secure Virtual Private Networks (VPNs) (Hellner et al., 2011). It encrypts the accessed network and the remote users' devices.

TLS is made up of two distinct layers, the Handshake Protocol and the Record Protocol. The TLS Record Protocol secures internet connections with encryption methods such as the Data Encryption Standard (DES) and many others. The TLS Record Protocol can also be used without encryption. The TLS Handshake Protocol, in turn, enables clients and servers to authenticate each other (HSBC Holdings, 2011). It also permits them to negotiate cryptographic keys and encryption algorithms before exchanging data. The TLS handshake is completed through the following steps. Firstly, the server and the browser exchange hello messages to agree on the algorithms to use, check for session resumption and exchange their random numbers (Hellner et al., 2011). Secondly, the server and the browser exchange the necessary cryptographic parameters, which allow them to agree on a common premaster secret. Thirdly, immediately after the premaster secret has been exchanged, the server and the browser present their digital certificates for authentication. During authentication, TLS generates random values and generates the master secret that finalizes the authentication process (HSBC Holdings, 2011). The security parameters are then passed to the record layer. Fourthly, TLS confirms that the server and the browser have exchanged their parameters without outside interference, so that the exchange of secured data is safe.
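
The hello exchange and the strength negotiation described above, as an added example (not code from the original article): it parses a constructed, minimal TLS 1.2 ClientHello through the record and handshake layers, then selects a cipher suite the way a server enforcing a minimum key size would. The function names, the four-entry suite table and the 128-bit floor are assumptions made for the illustration.

```python
import struct

# Cipher suite IDs from the IANA TLS registry, mapped to (name, key bits).
SUITES = {
    0x0003: ("TLS_RSA_EXPORT_WITH_RC4_40_MD5", 40),
    0x0009: ("TLS_RSA_WITH_DES_CBC_SHA", 56),
    0x002F: ("TLS_RSA_WITH_AES_128_CBC_SHA", 128),
    0x0035: ("TLS_RSA_WITH_AES_256_CBC_SHA", 256),
}

def build_client_hello(suite_ids, session_id=b""):
    """Construct a minimal ClientHello record (sample data, no extensions)."""
    body = b"\x03\x03" + bytes(range(32))              # client_version, 32-byte random
    body += bytes([len(session_id)]) + session_id      # empty = no resumption requested
    body += struct.pack("!H", 2 * len(suite_ids))      # cipher_suites length in bytes
    body += b"".join(struct.pack("!H", s) for s in suite_ids)
    body += b"\x01\x00"                                # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # type 1 = client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def parse_client_hello(record):
    """Peel the record layer, then the handshake layer, and return the hello fields."""
    if (len(record) < 5 or record[0] != 0x16
            or int.from_bytes(record[3:5], "big") != len(record) - 5):
        raise ValueError("not a complete handshake record")
    hs = record[5:]
    if len(hs) < 41 or hs[0] != 0x01 or int.from_bytes(hs[1:4], "big") != len(hs) - 4:
        raise ValueError("not a well-formed ClientHello")
    version, random, sid_len = hs[4:6], hs[6:38], hs[38]
    session_id = hs[39:39 + sid_len]
    pos = 39 + sid_len
    cs_len = int.from_bytes(hs[pos:pos + 2], "big")
    if cs_len == 0 or cs_len % 2 or pos + 2 + cs_len > len(hs):
        raise ValueError("bad cipher_suites length")
    suites = [int.from_bytes(hs[i:i + 2], "big")
              for i in range(pos + 2, pos + 2 + cs_len, 2)]
    return {"version": version, "random": random,
            "session_id": session_id, "suites": suites}

def select_suite(offered, server_order, min_bits=128):
    """Server side: first suite in server preference order (IDs from SUITES) that the
    client also offered and that meets min_bits; None means refuse the handshake."""
    for suite in server_order:
        if suite in offered and SUITES[suite][1] >= min_bits:
            return SUITES[suite]
    return None
```

A client that offers only the 40-bit and 56-bit suites gets `None` from `select_suite` under the default floor, which is the server refusing a weak session instead of settling for the strongest cipher the browser happens to support.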

In conclusion, both TLS and SSL are security protocols. They ensure the safety of both the server's and the client's information by encrypting it. TLS is an advancement of SSL, so the two have many similarities and only minor differences. In both SSL and TLS, a handshake is completed once the process of authenticating the provided digital certificates is finalized.

Reference list

Entrust Solutions. (2007). Understanding digital certificates & secure sockets layer: a fundamental requirement for internet transactions. Retrieved on 28th April 2014 from: http://www.entrust.net/ssl-resources/pdf/understanding_ssl.pdf

Hellner et al. (2011). Security on IBM z/VSE. Armonk, New York: IBM Redbooks.

HSBC Holdings. (2011). The Transport Layer Security: about TLS. Retrieved on 28th April 2014 from: http://www.hsbc.com/~/media/B9271465647F4525BC9FDDA0FBC02F8A.ashx

Martin, F. (2002). SSL Certificates How-to. Retrieved on 28th April 2014 from: http://www.tldp.org/HOWTO/pdf/SSL-Certificates-HOWTO.pdf

Singh, M., and Huhns, M. (2005). Service-Oriented Computing: Semantics, Processes, Agents. Hoboken: John Wiley & Sons.

Star-field Technologies Secure Certificate Services. (n.d.). Why you need an SSL Certificate. Retrieved on 28th April 2014 from: https://products.secureserver.net/SSLMarketingGuide.pdf



© 2014 Musembi Daniel Nduva
