Lori Fitterling LI843
description
Transcript of Lori Fitterling LI843
![Page 1: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/1.jpg)
Lori Fitterling LI843
SSLSecured Sockets Layer
![Page 2: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/2.jpg)
What is Secure Sockets Layer (SSL)?
It is protection of data transferred over the Internet using encryption and enabled by a server's SSL Certificate.
An SSL Certificate contains a public key and a private key. A public key is used to encrypt information and a private key is used to decipher it.
![Page 3: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/3.jpg)
When a browser points to a secured domain, an SSL handshake authenticates the server and the client and establishes an encryption method and a unique session key.
They can begin a secure session that protects message privacy and message integrity.
![Page 4: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/4.jpg)
![Page 5: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/5.jpg)
SSL Does These Two ThingsAuthenticates the server and the client
using public- key signatures.
Provides an encrypted connection for the client and server to exchange messages.
![Page 6: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/6.jpg)
Developed by Netscape in 1994 for transmitting private documents
Has become the standard for e-commerce transaction security
SSL encrypts data, like credit cards numbers and personal information
Uses either 40-bit or 128-bit encryptionI found that 40-bit encryption has been hacked
SSL & E-Commerce
![Page 7: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/7.jpg)
Reasons Why You Would Use SSL
If you have an online store or accept online orders and credit cards
If you offer a login or sign in on your site If you process sensitive data such as address,
birth date, license, or ID numbers If you need to comply with privacy and
security requirements
![Page 8: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/8.jpg)
![Page 9: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/9.jpg)
Buy one from vendor – Can run about $400.00 per year.
Or “self-sign” your own certificate using proprietary software. Self-Signed certificates will trigger a warning window in most browser configurations that will indicate that the certificate was not recognized.
How to get an SSL Certificate
![Page 10: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/10.jpg)
Example of a SSL security alert
![Page 11: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/11.jpg)
Libraries Using SSLWhite Library -- My Library Account To comply with license agreements that only allow access to authenticated users -- databases and electronic journals
![Page 12: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/12.jpg)
Websites About SSLMedia Lab:
http://medialab.di.unipi.it/doc/JNetSec/jns_ch11.htm
SSL.com Knowledgebase: http://info.ssl.com/article.aspx?id=10241
WiseGeek: http://www.wisegeek.com/what-is-ssl.htm
Ourshop.com: http://www.ourshop.com/resources/ssl.html
![Page 13: Lori Fitterling LI843](https://reader036.fdocuments.net/reader036/viewer/2022062301/56816203550346895dd2281e/html5/thumbnails/13.jpg)