The Value and System of the New Version of Cisco CCIE EI Certification, and the New Version of Cisco EI Knowledge. Detailed Description of the Network Security SSL protocol


SSL (Secure Sockets Layer) is a security protocol that provides a secure connection for TCP-based application layer protocols. For example, SSL can provide a secure connection for HTTP. SSL is widely used in e-commerce, online banking and other fields to secure data transmitted over the network. It was developed by Netscape in 1990 to ensure the security of World Wide Web (WWW) communication. Its main task is to provide privacy, information integrity and identity authentication. It was revised to SSLv2 in 1994 and SSLv3 in 1995.

SSL does not depend on any particular platform or application program. It sits between the TCP/IP protocols and the various application layer protocols, providing security support for data communication.

Security mechanism

A secure connection provided by SSL offers connection privacy. A symmetric key algorithm is used to encrypt the transmitted data, and RSA (Rivest, Shamir and Adleman, an asymmetric key algorithm) is used to encrypt the key used by the symmetric key algorithm.

Authentication

Certificate-based digital signatures are used to authenticate the server and the client; client authentication is optional. SSL servers and clients obtain their certificates from a CA (Certificate Authority) through the mechanisms provided by PKI (Public Key Infrastructure).

Connection reliability

During message transmission, a key-based MAC (Message Authentication Code) is used to verify the integrity of each message. A MAC algorithm converts a key and data of any length into a fixed-length value. The process of using a MAC algorithm to verify message integrity is shown in Figure 1. Using the key, the sender computes the MAC value of the message with the MAC algorithm, appends it to the message and sends both to the receiver. The receiver uses the same key and MAC algorithm to compute the MAC value of the message and compares it with the received MAC value. If the two are the same, the message has not changed. Otherwise, the message was modified during transmission, and the receiver discards it.
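The sender and receiver steps described above, as an added example that is not part of the original article. It assumes HMAC-SHA256 as the MAC algorithm and uses hypothetical function names and a constructed key; it goes one step beyond the paragraph by also covering a sequence number in the MAC input, so a replayed or reordered record fails the check as well.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key-32-bytes!!!"   # constructed sample key, not a real secret
TAG_LEN = hashlib.sha256().digest_size       # 32-byte tag for HMAC-SHA256


def compute_mac(key: bytes, seq: int, message: bytes) -> bytes:
    """MAC over sequence number || length || message (this layout is an assumption)."""
    header = struct.pack("!QI", seq, len(message))
    return hmac.new(key, header + message, hashlib.sha256).digest()


def protect(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender side: append the MAC value to the message."""
    return message + compute_mac(key, seq, message)


def verify(key: bytes, seq: int, record: bytes):
    """Receiver side: return the message if the MAC matches, else None (discard)."""
    if len(record) < TAG_LEN:                # too short to hold a tag at all
        return None
    message, tag = record[:-TAG_LEN], record[-TAG_LEN:]
    expected = compute_mac(key, seq, message)
    # compare_digest runs in constant time, so the comparison does not reveal
    # how many leading bytes of a forged tag happened to be correct.
    if not hmac.compare_digest(tag, expected):
        return None
    return message


def demo() -> dict:
    record = protect(KEY, 0, b"transfer 10 to alice")
    tampered = bytearray(record)
    tampered[10] ^= 0x01                     # flip one bit: "10" becomes "11"
    return {
        "genuine": verify(KEY, 0, record),
        "tampered": verify(KEY, 0, bytes(tampered)),
        "replayed": verify(KEY, 1, record),  # same bytes, wrong position in stream
        "wrong_key": verify(b"k" * 32, 0, record),
        "truncated": verify(KEY, 0, record[:10]),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:10s} -> {result!r}")
```

Only the genuine record is returned to the caller; every other case is discarded, which is the receiver behaviour the paragraph describes.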

SSL Protocol Structure

Application layer protocol

SSL handshake protocol | SSL change cipher spec protocol | SSL alert protocol

SSL record protocol

TCP

IP

The protocol itself is divided into two layers.

The bottom layer is the SSL record protocol, while the upper layer consists of the SSL handshake protocol, the SSL change cipher spec protocol, and the SSL alert protocol. The record protocol provides basic security services for the different higher-level protocols. In particular, the Hypertext Transfer Protocol (HTTP), which provides transport services for web client/server interaction, can run on top of SSL.

Extended Validation SSL certificates undergo the most thorough authentication to ensure the authenticity of the organization holding the certificate. The distinctive green address bar alternately displays the organization name and the name of GlobalSign as the CA, thus ensuring the security of the website to the maximum extent.
