Security protocols and authentication services for information security

Source: Internet
Author: User

HTTPS Concept
    • HTTPS, in full Hypertext Transfer Protocol over Secure Socket Layer, is HTTP carried over SSL/TLS and is located at the application layer. HTTP is the application-layer protocol; SSL/TLS is the transport-layer protocol.
SSL/TLS Concepts
    • SSL/TLS is itself a transport-layer protocol that encrypts the information it carries.
    • SSL: a security protocol that provides security and data integrity for network traffic
    • TLS: a general-purpose protocol based on SSL, and the successor to the SSL protocol

      The transmission process is encrypted.
Contents of the TLS protocol
    • Layers of the TLS protocol
      • TLS Record Protocol: responsible for message compression, encryption, and data authentication. The original message is split into smaller fragments and each fragment is compressed; a message authentication code (MAC) is added to each compressed fragment; the compressed fragment and its MAC are then encrypted together with a symmetric cipher. The symmetric cipher algorithm and the shared secret key are produced by the handshake protocol before the two parties begin communicating.
      • TLS Handshake Protocol: responsible for all operations other than encryption. It is made up of four sub-protocols:
        • Handshake protocol: responsible for generating the shared secret key and exchanging certificates
        • Change Cipher Spec protocol: responsible for synchronizing the switch of cipher settings
        • Alert protocol: notifies the peer when an error occurs
        • Application Data protocol: carries application data between the communicating parties (for HTTPS, the data of the HTTP protocol)
TLS Communication Model
    • Step 1: negotiate algorithms
      The algorithms supported by both sides are selected through 2 and 4.
    • Step 2: verify certificates
      • The client verifies the server's certificate
      • The server verifies the client's certificate (only required when two-way authentication is needed; e-commerce must use two-way authentication to be secure)
    • Step 3: build the master key (master secret)
      PMS (pre-master secret): the server's public key is delivered to the client in a certificate during the handshake.
    • Step 4: build the session key
      After step 4 the handshake protocol ends and the session formally begins.
    • Step 5: formal encrypted interaction
    • If an error occurs at either end during the above process, the exchange goes back to the algorithm negotiation phase to ensure security.
