Secure Sockets Layer
Secure Sockets Layer: Another important mechanism for securing information is Secure Sockets Layer (SSL).
The SSL protocol was developed by Netscape in the mid-1990s and rapidly became a standard mechanism for exchanging data securely over insecure channels such as the Internet.
NOTE: SSL is supported by all modern browsers and email clients transparently.
When a client connects to a location that requires an SSL connection, the server will present the client with a digital certificate that allows the client to identify the server.
The clients make sure the domain name matches the name on the certificate and that the certificate has been generated by a trusted authority and bears a valid digital signature.
Once the handshake is completed, the client will automatically encrypt all information that is sent to the server before it leaves the computer.
Encrypted information will be unreadable en route. Once the information arrives at the secure server, it is decrypted using a secret key.
If the server sends information back to the client, this information will also be encrypted on the server end before being transmitted.
NOTE: A mutual authentication situation could also take place where both ends of the communication channel are authenticated—both the client and the server.