Dissertation on "Data Capture via SSL & https Decryption"

Home > Topics > Computers & Internet My Account

Dissertation 63 pages (17577 words) Sources: 47

[EXCERPT] . . . .

SL/https De-Encryption

SSL/https is widely used as is generally considered to be a secure method of encryption for the transmission of sensitive information across the Internet. But just how secure is it?

The concern for security is crucial in the present era of communication. In keeping with the rising feature in networking and the Internet specifically, the urgency for validation and encryption is going up at a fast pace. A lot of businesses and government establishments are no more ready to transmit their classified information and messages in non-coded form through an unsafe network. (IPV6 vs. SSL: Comparing Apples with Oranges) Encryption is being resorted to often by the present day online and offline operating systems. At any moment there prevails some data like passwords which is necessitated to be memorized and transferred between the computers. Encryption here is being resorted to in order not to make it understandable to the undesired recipients. To illustrate the operating systems such as the current version of Windows usually taken into memory the passwords entered not in the form of plain texts as it is entered but in form of numerical hash of the original, coded by one of many available techniques. This makes it difficult to access the information simply with browsing of the files or the registry. (Beginners Guides: Encryption and Online Privacy)

The encrypting has gained significance with the increasing use of Internet as a media for transfer of information. The person dependent upon the Internet resources to transfer the data across a public network needs to be assured of the fact that the data is suf

Continue scrolling to

download full paper ⤓

ficiently encrypted so as to make it not understandable to the casual eavesdropper. The common principle operating behind the computer data encoding techniques is to involve in the data encoding process that will have a numerical value to be used for encrypting the data that it transmits over the wire into a meaningless collection of characters. The key of encrypting will be settled on by the remote computer, of course depending upon the method of encrypting deployed, before the data is actually transferred then it is used by both the computers for encoding and decoding of the data only for another computer's separate key value to decode and vice versa. Many techniques of encrypting are presently available and most commonly used technique in Internet transactions is Secure Sockets Layer. (Beginners Guides: Encryption and Online Privacy)

One of the greatest dangers to computer security is posed by those customers who without consideration or caution indiscriminately download software from different web sites. The software might not securely do authentication or interpretation of data. It might be having viruses like "Trojan Horses" that can assume various types of vicious web site addresses or destructive codes effected with the help of interpreters like postscripts in the client workstation or the Java Virtual Machine. In case the software contents are not correctly examined, possibility remains for this data to malign the programs that are resident on the client system. Alteration of data residing in the server is one of the dangers to a server. Users without having permission access to a server can alter, malign or remove data saved in the server. Disorganized validation systems and access control or the complete lack of these safety aspects might permit access to the server information by illegal users without any difficulty. (Secure Servers with SSL in the World Wide Web)

Besides faults in the server software might expose the system by making a security hole for illegal users. Danger posed by point-to-point security is reliant on the client and server characteristics to safeguard and afford a communication, which is secured. Currently, through the Internet, companies and clients perform business transaction through the World Wide Web. Customers will be parting with personal information like credit card numbers, account information through unsafe communication networks. The dangers of conducting business over the Internet can be reviewed as divulging information, manipulating information, damaging of information and non-availability of services. Various hazards related to these dangers are monetary, intimidation of life and status. An answer to these concerns is to make available a means for confidentiality, verification, uprightness and non-denial. Presently, a majority of the organization are secured by means of an Internet firewall that executes safety regulations on the basis of the network services allowed within the establishment. (Secure Servers with SSL in the World Wide Web)

URLs are compatible with various types of resources like FTP, HTTP, NNTP, TELNET, RLOGIN and so forth. Nearly all firewalls will allow the execution of just a part of these resources. Nevertheless, web servers extend these services free from the normal method, like the normal FTP routes. Hence, there are probabilities to circumvent the security firewall rule by utilizing the services obtainable from the web. This paper will review a planned scheme given by Netscape known as the SSL or Secure Socket Layer that is made to provide confidential and validate communications. This novel, up-to-date technology focuses on and offers an explanation for a majority of the problems that render managing a website an unsafe proposal for many organizations. (Secure Servers with SSL in the World Wide Web)

In view of the increasing data volume and significance of the transferable data over the Internet, the growing necessity for security of them is being increasingly felt in the present days. Presently every user of a public network resorts to transfer of various types of data ranging from email to credit card details everyday and want them to be safeguarded over the public network in their transfer process. (Secure Socket Layer- (www.windowsecurity.com) Internet browsing involves instant communication between the Web server and the Web browser. Generally, the data transferred between the server and the browser is perfectly comprehensible to everybody those are keen on deciphering it. These circumstances are quite similar to that of conversation over the telephone that is made possible if any body has access to the electrical connections between the two telephones at any point. It is possible of him to eavesdrop and even infuse unauthentic information into the conversation.

Eavesdropping of internet communication is not technically insignificant however, it is also not considered as significant as the rocket science. As a whole, however, people are having less reliance on the Internet security than that they need to be. It has been increasingly felt by over 50% of people sending the credit card number over the Internet involves the same level of security just transmitting it vocally by shouting from the roof top. However, it is misrepresented, since it is as secured as making a telephone call from an organizational switchboard. It is possible to listen in by a small number of people. In order to be listening in by a majority of people, when they really want to badly enough and have necessary technical skills. It has been however, observed that a majority of people have neither the required expertise nor the access. In order to provide online trading and e-commerce services it is required that the customers are to send in their credit card numbers over the Web media.

It is the business ethics to have enough precautions to make secure the relevant data of the customers and confidential information. The trustworthiness of the customers increases with the increasing confidence of the customers about seriousness of the businessmen to maintain such data. The traditional problem involved in encrypting is the problem of transmitting the password from one computer to another. In order to ensure effective functioning of the encrypting there is necessity of ensuring compatibility of keys used by the sender and receiver. Sending of key through Internet is not considered safer. The safest method available is encrypting. To overcome the limitations associated with the encrypting the solution is to resort to asymmetric encryption. The method involves different but compatible keys for encryption and decryption. With the initiation of communication two compatible keys are generated by the server. One known as public key is used for encryption only and it cannot decrypt. It is safer to send them over the Internet to reach the browser. When this key is captured by someone it may not be of much useful to him since it is used only to encrypt. (Secure Socket Layer- (www.windowsecurity.com)

The public key is used by the browser to encryption the data need to be sent to the server. The encrypted data then securely sent over the Internet. When the data is intercepted by somebody, he cannot make any sense of it, until is decoded with assistance of the private key. The private key is retained by the server to decode the data. The decoded data is taken as input for processing as usual. The vice versa is being followed up with data transfer from the server to the client. The introduction of… READ MORE

Download Full Paper

Write a New Paper for Me

Quoted Instructions for "Data Capture via SSL & https Decryption" Assignment:

“

SSL/https De-encryption Project

SSL/https is widely used as is generally considered to be a secure method of encryption for the transmission of sensitive information across the Internet. But just how secure is it?

This project will consider ways and methods of de-encrypting https sessions using the following sources of information:

1. The lawful interception, monitoring, capture and analysis of https session data using network analysis and forensic tools
2. The exploration of how access to additional client and/or server data could be used to assist in the de-encryption of the data captured

How to Reference "Data Capture via SSL & https Decryption" Dissertation in a Bibliography

“Data Capture via SSL & https Decryption.” A1-TermPaper.com, 2004, https://www.a1-termpaper.com/topics/essay/sl-https-de-encryption-ssl-widely/661364. Accessed 6 Jul 2024.

Data Capture via SSL & https Decryption (2004). Retrieved from https://www.a1-termpaper.com/topics/essay/sl-https-de-encryption-ssl-widely/661364

A1-TermPaper.com. (2004). Data Capture via SSL & https Decryption. [online] Available at: https://www.a1-termpaper.com/topics/essay/sl-https-de-encryption-ssl-widely/661364 [Accessed 6 Jul, 2024].

”Data Capture via SSL & https Decryption” 2004. A1-TermPaper.com. https://www.a1-termpaper.com/topics/essay/sl-https-de-encryption-ssl-widely/661364.

”Data Capture via SSL & https Decryption” A1-TermPaper.com, Last modified 2024. https://www.a1-termpaper.com/topics/essay/sl-https-de-encryption-ssl-widely/661364.

[1] ”Data Capture via SSL & https Decryption”, A1-TermPaper.com, 2004. [Online]. Available: https://www.a1-termpaper.com/topics/essay/sl-https-de-encryption-ssl-widely/661364. [Accessed: 6-Jul-2024].

1. Data Capture via SSL & https Decryption [Internet]. A1-TermPaper.com. 2004 [cited 6 July 2024]. Available from: https://www.a1-termpaper.com/topics/essay/sl-https-de-encryption-ssl-widely/661364

1. Data Capture via SSL & https Decryption. A1-TermPaper.com. https://www.a1-termpaper.com/topics/essay/sl-https-de-encryption-ssl-widely/661364. Published 2004. Accessed July 6, 2024.

Related Dissertations: