Secure Sockets Layer (SSL) is a computer networking protocol for securing connections between network application clients and servers over an insecure network like the internet. Because of several protocol and implementation flaws and vulnerabilities, SSL was deprecated for use on the internet by the Internet Engineering Task Force (IETF) in 2015 and has been replaced by the Transport Layer Security (TLS) protocol. TLS and SSL are not interoperable, but TLS is backward-compatible with SSL 3.0.
SSL was originally specified in the 1990s as a proprietary protocol that allowed Netscape browser clients using the Hypertext Transfer Protocol (HTTP) to communicate securely with Netscape web servers. SSL eventually came to be used for secure authentication and encryption of communication at the network transport layer.
SSL utilises a blend of public key and symmetric key encryption to safeguard a connection between two machines, like a web or mail server and a client system, connecting over the internet or another TCP/IP network. SSL offers a mechanism for encrypting and authenticating data transmitted between processes executed on a client and server.
SSL runs above the transport layer and the network layer, which are responsible for the sending of data between processes and the routing of network traffic over a network between client and server, respectively, and below application layer protocols such as HTTP and the Simple Mail Transfer Protocol (SMTP). The sockets part of the term refers to the sockets method of sending data between a client and a server program in a network or between processes in the same computer.
The TLS protocol evolved from SSL and has officially superseded it, although the terms SSL or SSL/TLS are still commonly used to denote the protocol used to secure web/internet traffic. SSL/TLS is the most widely deployed security protocol in use today and, according to Google, it secures more than 50% of the pages loaded by the Chrome browser. In addition to supporting the transmission of web pages, SSL has been applied to applications like email, file transfer, instant messaging and voice over IP.
How SSL Works
The handshake protocol describes how a client and server establish an SSL connection, including the negotiation of which cryptographic systems each host is willing to use for communication, as well as the exchange of cryptographic material, like public keys and session keys for encryption or authentication of transmitted data.
The record protocol describes how communicating hosts exchange data using SSL, including specifications for how data is to be prepared for transmission and how it is to be verified or decrypted on delivery.
At the start of the handshake process, a server presents its digital certificate to authenticate itself to the client. Server certificates use the X.509 certificate format defined by the Public Key Cryptography Standards. The validation process uses public key encryption to validate the digital certificate and to confirm that a server is, in fact, the server it claims to be.
Once the server has been validated, the client and server agree on cipher settings and a shared key to encrypt the information they exchange during the rest of the session. This offers data confidentiality and integrity. This whole process is invisible to the user. For example, if a webpage needs an SSL connection, the URL will change from HTTP to HTTPS and a padlock icon will show in the browser once the server has been validated.
The handshake also lets the client authenticate itself to the server. In this case, after server authentication is complete, the client must present its certificate to the server to authenticate the client's identity before the encrypted SSL session can be established.
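The negotiation described under How SSL Works starts with a ClientHello message carried inside a record. The following parser is an added example, not part of the original page: it reads the record header and the ClientHello and lists the protocol version and cipher suites the client offers. `parse_client_hello` and `build_sample` are hypothetical names, and the sample bytes are constructed.

```python
import struct

# Wire version numbers: SSL 3.0 is 3.0; TLS 1.0 to 1.2 are 3.1 to 3.3.
VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
            0x0303: "TLS 1.2"}
# A few registered cipher suite code points (not a complete table).
SUITES = {0x0005: "TLS_RSA_WITH_RC4_128_SHA",
          0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
          0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}

def parse_client_hello(data: bytes) -> dict:
    """Parse one record holding a whole ClientHello; ValueError if malformed."""
    if len(data) < 5:
        raise ValueError("truncated record header")
    # Record header: content type (1 byte), version (2), length (2).
    ctype, rec_ver, rec_len = struct.unpack("!BHH", data[:5])
    if ctype != 22:                       # 22 = handshake
        raise ValueError("not a handshake record")
    body = data[5:5 + rec_len]
    if len(body) != rec_len or rec_len < 4:
        raise ValueError("truncated record body")
    # Handshake header: message type (1 byte), length (3).
    if body[0] != 1 or int.from_bytes(body[1:4], "big") != rec_len - 4:
        raise ValueError("not a single ClientHello message")
    hello = body[4:]
    try:
        (client_ver,) = struct.unpack_from("!H", hello, 0)
        pos = 2 + 32                      # skip version and 32-byte random
        pos += 1 + hello[pos]             # skip session id
        (suites_len,) = struct.unpack_from("!H", hello, pos)
        raw = hello[pos + 2:pos + 2 + suites_len]
    except (struct.error, IndexError):
        raise ValueError("truncated ClientHello") from None
    if len(raw) != suites_len or suites_len % 2:
        raise ValueError("bad cipher suite list")
    codes = struct.unpack(f"!{suites_len // 2}H", raw)
    # TLS 1.3 clients send 0x0303 here and signal 1.3 in an extension,
    # which this parser does not read.
    return {"record_version": VERSIONS.get(rec_ver, hex(rec_ver)),
            "client_version": VERSIONS.get(client_ver, hex(client_ver)),
            "ssl3_or_older": client_ver <= 0x0300,
            "cipher_suites": [SUITES.get(c, hex(c)) for c in codes]}

def build_sample(version: int) -> bytes:
    """Constructed ClientHello: zero random, empty session id, 3 suites."""
    suites = struct.pack("!3H", 0xC02F, 0x002F, 0x0005)
    hello = (struct.pack("!H", version) + bytes(32) + b"\x00"
             + struct.pack("!H", len(suites)) + suites + b"\x01\x00")
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return struct.pack("!BHH", 22, min(version, 0x0301), len(hs)) + hs
```

A server or monitoring tool can use the `ssl3_or_older` flag to spot clients whose highest supported version is the deprecated SSL 3.0.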