Sunday, 24 Nov 2024
Tutorials

SSL-A Universal Trust Mark for Security

Since last two years, many social sites, search engines, and other corporates and organizations have started to take SSL security for their domain.Today hackers are trying latest techniques for hacking. Hackers find the vulnerability into a system and attack on that particular part to hack the whole system.Hacking is an ongoing activity for which organizations; social media, search engine have to put their efforts to fight against it.

Research:

  • As per a recent survey there are approximately 18% sites are open for the attacks. These site owners have not taken any precaution against cyber security. It is harmful for your online database and influences your customer’s security too.
  • Even there are 70 attacks per hour recorded in the system,caused by the cyber criminals.

By this, we can recognize that how attackers are working to break the internet security. In today’s time if we see around us, SSL (Secure Socket Layer) is a top most security that is believed by Google and Facebook. They have also started to secure their websites with HTTPS security protocol.

Here, you can see a green address bar and a URL starting with HTTPS instead of HTTP in the above image. It shows that international efforts by recognized groups have been initiatedfor the sake of security awareness and customer’s interest. A secure connection makes information confidential that travels between the browser and server. Therefore, outsider cannot recognize the information and your information will remain safe over the internet. Therefore, Face book and Google and other leading website owners are now entirely running on HTTPS. In Facebook, you can find the security features in Account settings. A sample image of account setting is shown here.

Even Facebook has worked a lot and made a solution about loading time of HTTPS encrypted pages for third party applications that are not supporting in HTTPS.  Facebook has encrypted its address bar with OAuth 2.0 that supports third party application for yahoo, Google, Twitter and others. After checking the box in Account setting for HTTPS, you will be able to login with HTTPS URL when you open Facebook next time and that will secure your confidential information like login ID, password, etc.

In 2011, Google has added SSL encryption to Google.com and tried to protect user’s privacy. Google hopes that many companies will take initiative in this direction. It demonstrates that as a leader, in search engine, Google has put trust in SSL security. Of course, SSL is the first name of confidentiality and trust among its users.

If we talk about another social site called “Twitter” has also encrypted its connection with SSL security. You may see a changed color of twitter’s address bar. It shows a green bar with HTTPS URL. It means people have a secure environment and can share their information among groups of people.

Either you use iPhone or iPad application to access Twitter you will find HTTPS encrypted URL. Twitter is using cipher (RC4) specification for session encryption. Twitter API uses EV SSL certificate from VeriSign to secure communication of users and preserves privacy of your information.

From above discussion, we acknowledged that SSL has a distinct place in security protocols. Now As per a recent survey conducted with corporates and organizations, it is estimated that more than 80% of companies will be using SSL by the end of 2013.Security is now a big, concern for online business and other database companies. After inspiring from the reputed search engine and social media platforms, we will reveal about the functionality of SSL.

How SSL Works

SSL is a security protocol that secures and encrypts your information travels between servers, browser, and server. Therefore, attacker will not identify the information and your information will remain secure. Now let us see one example:

Step 1: A customer creates a connection to abc.com on an SSL port, typically 443. This connection is represented with https instead of http.

Step 2:ABC.com sends its public key to customer’s browser.

Step 3: If the customer trusts the certificate, he will send a public key to abc.com

Step 4:ABC.com will generate a unique hash and encrypt it using both the customer’s public key and Abc.com’s private key, and send back to the client.

Step 5: Customer’s browser will decipher the hash.

Step 6: Now Customer and website is ready to transmit the information.

The awareness showed by social media and leading search engines and other websites that have inspired people for online security. Developers have accepted that if you want a secure online business, you have to consider online security.