This tutorial series is all about security
protocol SSL. SSL stands for Secure Sockets Layer protocol. SSL encrypts the
communication between web browser and web server.
Why
SSL is needed (Why we need encryption)
Suppose I want to purchase a product
from flipkart.com.
a. First I go to the site flipkart.com
b. Select the product and checkout for
payment
c. At the time of online payment, I need to
provide all my credit card information to the web site. In case of HTTP, data
is transmitted from browser to server as simple text. Once you submit your
credit card details, it travels through number of systems before reaching flipkart
server. Since HTTP transfers data as simple text, there is a security
threat. Neither the user, nor the server
has control on the information that is travelling across the network. Here SSL
came into picture, it solves the problem by making the communications between
client and server encrypted.
Now a days, almost all web browsers and
web servers support SSL. You can see https prefix for ssl secured URLs.
As shown in the above figure, above
sequence is the basic communication flow. The Network Interface layer is
responsible for transmitting/receiving TCP/IP packets across network. The
Internet layer is responsible for addressing, packaging, and routing functions.
TCP is responsible for the establishment of a TCP connection, the sequencing
and acknowledgment of packets sent, and the recovery of packets lost during
transmission. Application layer defines the protocols like HTTP, FTP that
applications use to exchange data.
As shown in the figure, SSL comes in
between HTTP and TCP.
No comments:
Post a Comment