SSL is another important mechanism for securing information. SSL is an abbreviation for Secure Sockets Layer. SSL is a protocol that was developed by Netscape in 1990. Rapidly SSL became a standard mechanism for exchanging data securely over insecure channels (e.g. Internet). SSL, in fact, is supported by all modern browsers and emails. SSL operates in the Transport layer (OSI Model).
Basically, it is a handshake between the client and the server. The following scenario shows how the handshake works, where the client is Alice and the server is Bob, for example:
- When the Alice, client, connects to any location that requires SSL connection, the Bob, Server, will present Alice with a digital certificate that allows her to identify the server.
- Alice will ensure that that the domain name matches the name on the certificate; and the certificate has been generated by a trusted authority.
Once this handshake is finished, Alice will automatically encrypt all the data that is sent to Bob. Once the data arrives to the server side, Bob will decrypt it using the private-key. Note: Bob can send any message back to Alice, which will be encrypted during the transferring process.
Remember: Encrypting the data will make it unreadable to unauthorised people.