 |
|
|
|
|
|
|
|
 |
|
 |
|
|
Recent developments in browser/server technology have made it easy for people to use Web services without worrying about electronic fraud. Two examples are Secure Sockets Layer (SSL) developed by Netscape, and Secure Hypertext Transfer Protocol (S-HTTP) developed by Terisa Systems, Inc. Both of these security protocols have been submitted to the Internet Engineering Task Force (IETF) as an Internet-Drafts. Basically, these protocols allow the browser and server ends of a Web session to authenticate one another and secure information which subsequently flows between them. Through the use of cryptographic techniques such as encryption and digital signature, these protocols:
Allow Web browsers and servers to authenticate each other; Permit Web site owners to control access to particular servers, directories, files or services; Allow sensitive information (e.g., credit card numbers) to be shared between browser and server, yet remain inaccessible to third parties; and Ensure that data exchanged between browser and server cannot be corrupted - accidentally or deliberately - without detection.
A key component in the establishment of secure Web sessions via the SSL or S-HTTP protocols is the public key certificate. Without authentic and trustworthy certificates, protocols like SSL and S-HTTP offer no security at all.
Recent developments in browser/server technology have made it easy for people to use Web services without worrying about electronic fraud. Two examples are Secure Sockets Layer (SSL) developed by Netscape, and Secure Hypertext Transfer Protocol (S-HTTP) developed by Terisa Systems, Inc. Both of these security protocols have been submitted to the Internet Engineering Task Force (IETF) as an Internet-Drafts. Basically, these protocols allow the browser and server ends of a Web session to authenticate one another and secure information which subsequently flows between them. Through the use of cryptographic techniques such as encryption and digital signature, these protocols:
Allow Web browsers and servers to authenticate each other; Permit Web site owners to control access to particular servers, directories, files or services; Allow sensitive information (e.g., credit card numbers) to be shared between browser and server, yet remain inaccessible to third parties; and Ensure that data exchanged between browser and server cannot be corrupted - accidentally or deliberately - without detection.
A key component in the establishment of secure Web sessions via the SSL or S-HTTP protocols is the public key certificate. Without authentic and trustworthy certificates, protocols like SSL and S-HTTP offer no security at all.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
