Using SSL (Secure socket layer) to secure online transactions

The World Wide Web is an open space often referred to as the cyber space. The transmission of data is quite risky as it may be accessed by anyone. So there arose a need for privacy and encryption of data to be transmitted so that the data could easily be transmitted without the knowledge of the others on the cyber space about the content of the data. Secure Sockets Layer is actually protocol. The idea of this protocol was first conceived by the web browser giant Netscape navigator and they came up with the Secure Sockets Layer or as popularly known as SSL. It was formulated for the transmission of documents privately in a secured and encrypted manner on the internet.

The Secure Sockets Layer or the SSL uses simple cryptographic techniques for data transmission. This protocol primarily uses two keys for the encryption of data. The first key is the Public Key which is known to everyone and the other one is the Private or Secret key which is only known to the recipient for decrypting the data received. SSL is supported by the Netscape Navigator as well as by the Internet Explorer for secured transmission of the private data.

The usage of the above mentioned keys ensures safe and secure transmission of data which is private in nature and not of mass interest. Though the secret key should be with the recipient but both the side must possess the public keys. The sending of the public keys somehow compromise with the security of the data transmitted but then also the data remains safe due to the usage of the private or the secret key. A SSL certificate plays a great role. It provides a method of verification process to verify whether the Public Key has been tampered with or not. This is a powerful mechanism to prevent data from the MITM (Man-in-the-Middle) that could attack and tamper with the data transmitted.

SSL Certificates should be relied upon or else anyone in the middle could attack and modify the data transmitted. It is a herculean task for the recipient or the end user to verify manually each and every certificate that comes into play. So CAs (Certificate Authorities) has been created. They have a check on the certificates received and permit the SSL certificates, which let the user to browse on the data normally at the same time having proper security measures already taken for the data received.

Afters CA signs a certificate, it is installed onto the end user’s system. The installation procedures for most of the SSL Certificates are quite simple and with small changes in the dedicated server wherein they would be installed, this procedure could easily be carried out. After being installed Certificates normally work till their date of expiry, which in general cases they may extend up to a period of one year starting from the date when they are issued. SSL certificates generally are functional in the domain for which they are meant to be and for the domain for which they are signed.