SlideShare a Scribd company logo
SECURE SOCKET LAYER
PROTOCOL
PRESENTED BY:
S.SABTHAMI
I.M.SC(IT)
NADAR SARASWATHI COLLEGE OF ARTS
AND SCIENCE
SECURE SOCKET LAYER(SSL)
The secure socket layer (ssl) protocol is an internet
protocol for secure exchange of information between
a web browser and a web server .
It provides two basic security services:
Authentication
Confidentiality
HOW SSL WORKS ?
SSL has three sub-protocols
 The handshake protocol
 The record protocol
 The alert protocol
THE HANDSHAKE PROTOCOL
SSL handshake verifies the server and allows client
and server to agree on an encryption set before
any data is sent out
Handshake Protocol is used to establish sessions.
This protocol allows the client and server to
authenticate each other by sending a series of
messages to each other.
THE HANDSHAKE PROTOCOL
Handshake protocol uses four phases to complete its
cycle.
 Phase-1: In Phase-1 both Client and Server send
hello-packets to each other. In this IP session, cipher
suite and protocol version are exchanged for security
purposes.
 Phase-2: Server sends his certificate and Server-
key-exchange. The server end phase-2 by sending the
Server-hello-end packet.
THE HANDSHAKE PROTOCOL
 Phase-3: In this phase Client reply to the server by
sending his certificate and Client-exchange-key.
 Phase-4: In Phase-4 Change-cipher suite occurred
and after this Handshake Protocol ends.
THE HANDSHAKE PROTOCOL
THE RECORD PROTOCOL
The record protocol in SSL comes into picture after a
successful handshake is completed between the
client and the server . That is , after the client and the
server have optionally authenticated each other and
have decided what algorithms to use for secure
information exchange , we enter into the SSL record
protocol
THE RECORD PROTOCOL
SSL Record provides two services to SSL connection.
Confidentiality
Message Integrity
THE RECORD PROTOCOL
In the SSL Record Protocol application data is
divided into fragments. The fragment is compressed
and then encrypted MAC (Message Authentication
Code) generated by algorithms like SHA (Secure
Hash Protocol) and MD5 (Message Digest) is
appended. After that encryption of the data is done
and in last SSL header is appended to the data.
THE RECORD PROTOCOL
THE ALERT PROTOCOL
 The SSL Alert Protocol signals problems with an SSL
session.
 Alert messages convey the severity of the message and a
description of the alert.
 Upon transmission or receipt of a fatal alert message, both
parties immediately close the connection.
THE ALERT PROTOCOL
 The client and the server must communicate that the
connection is ending to avoid a truncation attack.
 Either party may initiate the exchange of closing messages.
 Normal termination occurs when the close_notify message is
sent.
 This message notifies the recipient that the sender will not send
any more messages on this connection.
 The session becomes unresumable if any connection is
terminated without a proper close_notify message.
ALERT ERROR
 The following error alerts are defined:
 unexpected_message
An inappropriate message was received. This alert is always
fatal and should never be observed in communication between
proper implementations.
 bad_record_mac
This alert is returned if a record is received with an
incorrect message authentication code. This message is
always fatal.
ALERT ERROR
 decompression_failure
The decompression function received improper input (e.g.
data that would expand to excessive length). This message is
always fatal.
 handshake_failure
Indicates the sender was unable to negotiate an acceptable
set of security parameters given the options available. This is
a fatal error.
ALERT ERROR
 no_certificate
May be sent in response to a certification request if no
appropriate certificate is available.
 bad_certificate
A certificate was corrupt, probably contained a digital
signature that did not verify correctly
ALERT ERROR
 unsupported_certificate
A certificate was of an unsupported type.
 certificate_revoked
A certificate was revoked by its signer.
 certificate_expired
A certificate has expired or is not currently valid.
ALERT ERROR
 certificate_unknown
Some unspecified issue arose in processing the certificate,
rendering it unacceptable.
o illegal_parameter
A field in the handshake was out of range or inconsistent with
other fields. This is always fatal.
Network and internet security

More Related Content

What's hot

The last picks
The last picksThe last picks
The last picks
Nafiur Rahman Tuhin
 
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
Vishal Kumar
 
Web Security
Web SecurityWeb Security
Web Security
Dipika Bambhaniya
 
The process of authentication
The process of authenticationThe process of authentication
The process of authentication
AbdulrahmanAlmehmadi2
 
The process of authentication
The process of authenticationThe process of authentication
The process of authentication
AbdulrahmanAlmehmadi2
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYMonodip Singha Roy
 

What's hot (10)

Security
SecuritySecurity
Security
 
Complete document
Complete documentComplete document
Complete document
 
The last picks
The last picksThe last picks
The last picks
 
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
E-mail Security Protocol - 2 Pretty Good Privacy (PGP)
 
Web Security
Web SecurityWeb Security
Web Security
 
Unit 6
Unit 6Unit 6
Unit 6
 
The process of authentication
The process of authenticationThe process of authentication
The process of authentication
 
Lecture17
Lecture17Lecture17
Lecture17
 
The process of authentication
The process of authenticationThe process of authentication
The process of authentication
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
 

Similar to Network and internet security

WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
SonukumarRawat
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layerAhmed Elnaggar
 
Web security
Web securityWeb security
Web security
Subhash Basistha
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
Emprovise
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)
Arun Shukla
 
Internet security protocol
Internet security protocolInternet security protocol
Internet security protocolMousmi Pawar
 
Ssl
SslSsl
ch17.ppt
ch17.pptch17.ppt
ch17.ppt
SomuPatil8
 
Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)
Sandeep Gupta
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systemsAbdulaziz Mohd
 
SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS Protocol
Devang Badrakiya
 
Improving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmImproving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA Algorithm
IJCSEA Journal
 
Secure Sockets Layer (SSL)
Secure Sockets Layer (SSL)Secure Sockets Layer (SSL)
Secure Sockets Layer (SSL)
BGSBU Rajouri
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocol
csandit
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOL
cscpconf
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets Layer
Nascenia IT
 
web security
web securityweb security
web security
Chirag Patel
 
Transport layer security.ppt
Transport layer security.pptTransport layer security.ppt
Transport layer security.ppt
ImXaib
 

Similar to Network and internet security (20)

WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layer
 
Web security
Web securityWeb security
Web security
 
Ch17
Ch17Ch17
Ch17
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)
 
Internet security protocol
Internet security protocolInternet security protocol
Internet security protocol
 
Ssl
SslSsl
Ssl
 
ch17.ppt
ch17.pptch17.ppt
ch17.ppt
 
Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systems
 
SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS Protocol
 
Improving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmImproving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA Algorithm
 
Secure Sockets Layer (SSL)
Secure Sockets Layer (SSL)Secure Sockets Layer (SSL)
Secure Sockets Layer (SSL)
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocol
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOL
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets Layer
 
web security
web securityweb security
web security
 
Transport layer security.ppt
Transport layer security.pptTransport layer security.ppt
Transport layer security.ppt
 
ssl
sslssl
ssl
 

More from SabthamiS1

women%20empowerment11.pptx
women%20empowerment11.pptxwomen%20empowerment11.pptx
women%20empowerment11.pptx
SabthamiS1
 
big data analytics.pptx
big data analytics.pptxbig data analytics.pptx
big data analytics.pptx
SabthamiS1
 
iot.pptx
iot.pptxiot.pptx
iot.pptx
SabthamiS1
 
dip.pptx
dip.pptxdip.pptx
dip.pptx
SabthamiS1
 
csc.pptx
csc.pptxcsc.pptx
csc.pptx
SabthamiS1
 
python.pptx
python.pptxpython.pptx
python.pptx
SabthamiS1
 
Data minig.pptx
Data minig.pptxData minig.pptx
Data minig.pptx
SabthamiS1
 
artificial intelligence.pptx
artificial intelligence.pptxartificial intelligence.pptx
artificial intelligence.pptx
SabthamiS1
 
distributed computing.pptx
distributed computing.pptxdistributed computing.pptx
distributed computing.pptx
SabthamiS1
 
Java
Java Java
Java
SabthamiS1
 
Advance computer architecture
Advance computer architecture Advance computer architecture
Advance computer architecture
SabthamiS1
 
Data structure and algorithm
Data structure and algorithmData structure and algorithm
Data structure and algorithm
SabthamiS1
 

More from SabthamiS1 (12)

women%20empowerment11.pptx
women%20empowerment11.pptxwomen%20empowerment11.pptx
women%20empowerment11.pptx
 
big data analytics.pptx
big data analytics.pptxbig data analytics.pptx
big data analytics.pptx
 
iot.pptx
iot.pptxiot.pptx
iot.pptx
 
dip.pptx
dip.pptxdip.pptx
dip.pptx
 
csc.pptx
csc.pptxcsc.pptx
csc.pptx
 
python.pptx
python.pptxpython.pptx
python.pptx
 
Data minig.pptx
Data minig.pptxData minig.pptx
Data minig.pptx
 
artificial intelligence.pptx
artificial intelligence.pptxartificial intelligence.pptx
artificial intelligence.pptx
 
distributed computing.pptx
distributed computing.pptxdistributed computing.pptx
distributed computing.pptx
 
Java
Java Java
Java
 
Advance computer architecture
Advance computer architecture Advance computer architecture
Advance computer architecture
 
Data structure and algorithm
Data structure and algorithmData structure and algorithm
Data structure and algorithm
 

Recently uploaded

The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
Mohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
 
Model Attribute Check Company Auto Property
Model Attribute  Check Company Auto PropertyModel Attribute  Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
SACHIN R KONDAGURI
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
GeoBlogs
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
Thiyagu K
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
Pavel ( NSTU)
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
Nguyen Thanh Tu Collection
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
DeeptiGupta154
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
Peter Windle
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup   New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup   New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
TechSoup
 
The French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free downloadThe French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free download
Vivekanand Anglo Vedic Academy
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
JosvitaDsouza2
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star   -  Saka Neela TaraOperation Blue Star   -  Saka Neela Tara
Operation Blue Star - Saka Neela Tara
Balvir Singh
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER  FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER  FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
EugeneSaldivar
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Atul Kumar Singh
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
EduSkills OECD
 

Recently uploaded (20)

The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
 
Chapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptxChapter 3 - Islamic Banking Products and Services.pptx
Chapter 3 - Islamic Banking Products and Services.pptx
 
Model Attribute Check Company Auto Property
Model Attribute  Check Company Auto PropertyModel Attribute  Check Company Auto Property
Model Attribute Check Company Auto Property
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
 
Overview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with MechanismOverview on Edible Vaccine: Pros & Cons with Mechanism
Overview on Edible Vaccine: Pros & Cons with Mechanism
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
 
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup   New Member Orientation and Q&A (May 2024).pdfWelcome to TechSoup   New Member Orientation and Q&A (May 2024).pdf
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdf
 
The French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free downloadThe French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free download
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star   -  Saka Neela TaraOperation Blue Star   -  Saka Neela Tara
Operation Blue Star - Saka Neela Tara
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER  FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER  FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
 

Network and internet security

  • 1. SECURE SOCKET LAYER PROTOCOL PRESENTED BY: S.SABTHAMI I.M.SC(IT) NADAR SARASWATHI COLLEGE OF ARTS AND SCIENCE
  • 2. SECURE SOCKET LAYER(SSL) The secure socket layer (ssl) protocol is an internet protocol for secure exchange of information between a web browser and a web server . It provides two basic security services: Authentication Confidentiality
  • 3. HOW SSL WORKS ? SSL has three sub-protocols  The handshake protocol  The record protocol  The alert protocol
  • 4. THE HANDSHAKE PROTOCOL SSL handshake verifies the server and allows client and server to agree on an encryption set before any data is sent out Handshake Protocol is used to establish sessions. This protocol allows the client and server to authenticate each other by sending a series of messages to each other.
  • 5. THE HANDSHAKE PROTOCOL Handshake protocol uses four phases to complete its cycle.  Phase-1: In Phase-1 both Client and Server send hello-packets to each other. In this IP session, cipher suite and protocol version are exchanged for security purposes.  Phase-2: Server sends his certificate and Server- key-exchange. The server end phase-2 by sending the Server-hello-end packet.
  • 6. THE HANDSHAKE PROTOCOL  Phase-3: In this phase Client reply to the server by sending his certificate and Client-exchange-key.  Phase-4: In Phase-4 Change-cipher suite occurred and after this Handshake Protocol ends.
  • 8. THE RECORD PROTOCOL The record protocol in SSL comes into picture after a successful handshake is completed between the client and the server . That is , after the client and the server have optionally authenticated each other and have decided what algorithms to use for secure information exchange , we enter into the SSL record protocol
  • 9. THE RECORD PROTOCOL SSL Record provides two services to SSL connection. Confidentiality Message Integrity
  • 10. THE RECORD PROTOCOL In the SSL Record Protocol application data is divided into fragments. The fragment is compressed and then encrypted MAC (Message Authentication Code) generated by algorithms like SHA (Secure Hash Protocol) and MD5 (Message Digest) is appended. After that encryption of the data is done and in last SSL header is appended to the data.
  • 12. THE ALERT PROTOCOL  The SSL Alert Protocol signals problems with an SSL session.  Alert messages convey the severity of the message and a description of the alert.  Upon transmission or receipt of a fatal alert message, both parties immediately close the connection.
  • 13. THE ALERT PROTOCOL  The client and the server must communicate that the connection is ending to avoid a truncation attack.  Either party may initiate the exchange of closing messages.  Normal termination occurs when the close_notify message is sent.  This message notifies the recipient that the sender will not send any more messages on this connection.  The session becomes unresumable if any connection is terminated without a proper close_notify message.
  • 14. ALERT ERROR  The following error alerts are defined:  unexpected_message An inappropriate message was received. This alert is always fatal and should never be observed in communication between proper implementations.  bad_record_mac This alert is returned if a record is received with an incorrect message authentication code. This message is always fatal.
  • 15. ALERT ERROR  decompression_failure The decompression function received improper input (e.g. data that would expand to excessive length). This message is always fatal.  handshake_failure Indicates the sender was unable to negotiate an acceptable set of security parameters given the options available. This is a fatal error.
  • 16. ALERT ERROR  no_certificate May be sent in response to a certification request if no appropriate certificate is available.  bad_certificate A certificate was corrupt, probably contained a digital signature that did not verify correctly
  • 17. ALERT ERROR  unsupported_certificate A certificate was of an unsupported type.  certificate_revoked A certificate was revoked by its signer.  certificate_expired A certificate has expired or is not currently valid.
  • 18. ALERT ERROR  certificate_unknown Some unspecified issue arose in processing the certificate, rendering it unacceptable. o illegal_parameter A field in the handshake was out of range or inconsistent with other fields. This is always fatal.