Secure Sockets Layer (SSL)

Secure Sockets Layer (SSL) is a standard protocol used for the secure transmission of documents over a network. Developed by Netscape, SSL technology creates a secure link between a Web server and browser to ensure private and integral data transmission. SSL uses Transport Control Protocol (TCP) for communication.

In SSL, the word socket refers to the mechanism of transferring data between a client and server over a network.

When using SSL for secure Internet transactions, a Web server needs an SSL certificate to establish a secure SSL connection. SSL encrypts network connection segments above the transport layer, which is a network connection component above the program layer.

SSL follows an asymmetric cryptographic mechanism, in which a Web browser creates a public key and a private (secret) key. The public key is placed in a data file known as a certificate signing request (CSR). The private key is issued to the recipient only.

The objectives of SSL are:

• Data integrity: Data is protected from tampering.
• Data privacy: Data privacy is ensured through a series of protocols, including the SSL Record Protocol, SSL Handshake Protocol, SSL Change CipherSpec Protocol and SSL Alert Protocol.
• Client-server authentication: The SSL protocol uses standard cryptographic techniques to authenticate the client and server.

SSL is the predecessor of Transport Layer Security (TLS), which is a cryptographic protocol for secure Internet data transmission.