Thursday, February 12, 2009

SSL/TLS in Service Oriented applications


Posted by at 1 comment:

SSL- how it happens

-Why we need SSL
Terms Used in SSL/TLS Communication....................

-Diffrence in TLS and SSL
-Certificates
-Common Names
-Certification Authority
-Public Key Cryptography
-Symmetric vs Assymtric Encryption
-CSR(Certificate server Request)
-SSL Port



Possible threats in Communication Over Internet :
while we are not using any kind of security what are the security threats that are possible...
that are
-Who are you talking to
-Evesdropping
-Message Forgery
- Message interception
While doing communication over internet these are posible threats and to come over this we use SSL(secure socket layer)/TLS (Transport layer security).
-We use SSL/TLS to provide Encryption / authentication.
-TLS is a newer version of SSL 3.0.
-SSL 3.1 and TLS 1.0 are reffered as same.
-SSL connection starts with a secure hello.
-TLS connection starts with insecure hello.
-Hand shake between client and server is successfull.


TransPort Layer Security Phases.....
1. Peer Negotiation for algo support
2.Key Exchange and authentication
3.Communication using Symmetric Cipher encryption and message Authentication


Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)