SSL or Secure Socket Layer, is a type of standard protocol that is used to transfer sensitive information between a client and server.
This protocol makes the transmission secure while keeping the integrity of the data safe from unauthorized access. A slight modification of the standard socket layer has SSL/TLS added on to it to serve as a transport layer.
This new layer not only adds security to the data but also improves communication speed.
It was first introduced as a method for establishing secure socket connection to servers running Microsoft Windows.
With SSL/TLS, a web browser is enabled to negotiate communication between a client using a web browser and the server running an edge browser.
The information required by the client browser are passed on to the server side and is then encrypted so that it can only be accessed by the owner.
The encrypted information is then transmitted back to the client using the Web Transport Protocol (WTP). The Web browser receives the encrypted information and decodes it back to a standard HTML page.
The result is that the secured web pages appear the same way as a standard HTML page.
When a client wants to view a web page, the browser requests the URL that contains the information required by the page.
The server sends back the message that the requested information could not be received at that particular time since the connection is not yet established.
The client browser, in order to get around this, uses an alternative method of transmitting the message. It creates an encrypted tunnel from the client browser to the server.
This connection is called a session cookie. This cookie lets the browser know that after a specified amount of time, the browser will have to connect again to access the requested information.
This connection allows two-way secure web connection because both the browser and the server are able to verify each other.
In the past, websites had to use ‘secure sockets’ to allow two-way transfer of information. However, this proved to be quite vulnerable as some web servers could sniff your IP address or capture you cookies.
With the advent of HTTP, this two-way transfer became obsolete.
Today, the majority of the websites make use of ‘secure sockets’ and use a different protocol for sending their information.
SSL/TLS is used when two-way encryption is important.
For instance, financial institutions often make transactions through their website because a majority of the users do not have the ability to verify that the information they enter is safe.
To solve this problem, they make use of a security service called SSL or ‘Secure Socket Layer’.
This ensures the security of the information that is transmitted between the browser and the server. SSL works along with another type of technology called ‘public key infrastructure’ or PGP.
SSL/TLS works by encrypting all the sensitive information about the website before the information is made available over the public internet.
Once the information has been encrypted, it becomes safe from being intercepted.
The browsers communicate with the web servers by requesting the information and then passing it to the server where it is decoded and finally converted into readable form.