Monday, July 25, 2011

Secure Web Hosting

By Gregory Trune


What is Secure Web Hosting and SSL and what are their benefits:

Internet is no longer a safe place, as information passed on through online can also be read by other people. There are a number of malevolent people known as hackers, who can easily reveal the confidential information that visitors exchange with your website. They can even obtain these types of sensitive information such as, passwords or credit card numbers. It is also possible that these hackers present a customized version of your website, which is hosted on their server to your innocent customers. In most of the cases, this is done to collect some confidential and important information from them. To fight against these hackers, a special Internet protocol called Secure Sockets Layer or SSL was created and thus secure web hosting was born .

Designed in 1994 by Netscape, SSL has become a security technology that is viewed as the standard around the world. It works by creating a link that is encrypted between the web server and the browser. This makes it possible to secure any information that travels between the browser and server. This process is utilized by a great number of providers of e-Business services as they recognize they need to protect their customers' details. They also know that they have a duty to protect the confidentiality of any shopping that occurs online.

The Certificate for SSL:

A SSL Certificate offered by the Certification Authorities (also known as CA) is essential for any web server that wishes to use the protocol of the Secure Sockets Later. Many questions will be asked about your firm and its identity and from here you can choose to run the SSL on your own web server. Two cryptographic keys are generated, one is a Public Key, one is a Private Key, both originate from the web server. The public key does not allow backdoor entry or hidden methods. The key is held in a data file with the rest of your information; this data file is called a CSR, a Certificate Signing Request. The next task will be to submit this CSR. The CA will then go about verifying the information contained within the CSR and this will undertake the SSL Certificates process. After this, another certificate from SSL will be provided and this certificate will hold all the details and information to enable SSL use. The certificate for SSL is linked by the web server to the Private Key. This means a secure and coded link will be created between the visitors' browser and your very own site.

None of these actions are witnessed by the visitor. They will be able to see they key symbol that will inform them that SSL encryption is providing a level of protection for them. If they wish to find out more details about the SSL certificate they can click on the lock icon which can be found in the right hand bottom corner of their screen. It is usually with people who can be held accountable and firms who are legally registered that these certificates are provided to.

Information contained within the SSL certificate includes company name, the name of your domain, the city, an actual address, pin code, state and country. There is also the addition of the expiration date when the Certificate cannot be used after. There are also other details pertaining to the Certification Authority, the firm that provides the Certificate. If you have a SSL certificate, when you attempt to connect to a secure site, this will find the SSL certificate which is used by the site. A verification process that the SSL certificate of the other site is a genuine one to be trusted and is being used by the site that it has been allocated to. Similarly, the expiration date of the other site will be examined. If at any point an error is returned, a warning message will be provided to the user.

There is no doubt that the golden padlock has been accepted by many customers. It is viewed as a symbol of trust for the site. There is little doubt that the e-Business company can use this as an ideal opportunity to encourage trust and additional expenditure from customers and also turn visitors into customers. There are numerous shopping carts or sites that take information from customers and a large percentage utilize the SLL certificates. Nevertheless, users should recall that if confidential information is sent by email, this information is not naturally secured.

Functions that are new to users:

Many users may be aware of the SSL v2 version but the SSL v3 is a much improved version. The SHA-1 based cipher has been added and this offers assistance with regards to authenticating certificates. SSL v2 had some flaws like when cryptographic keys were utilized for both the authenticating messages and encryption. In addition to this, SSL v2 did not provide any level of protection for the handshake, leaving it open to "man in the middle downgrade attacks" occurring without anyone noticing.

Furthermore, the Secure Sockets Layer has been recently been succeeded by Transport Layer Security TLS. This TLS is based itself on SSL and has been incorporated as an integral part of Netscape and Microsoft browsers as well as of most of the Web server products. In present days, the Secure Sockets Layer uses private and public key encryption system from RSA that also includes the utilization of a digital certificate.

Do you require an SSL Certificate:

Companies who provide an online shopping provision and allow customers to use credit cards are advised to have an SSL certificate to ensure an extra layer of protection for customers.

There is a need for offices that have intranet usage where information is being distributed to obtain an SSL certificate.

* It is also advisable to get an SSL Certificate in case you have offices, which share confidential information over an intranet.

For businesses that have a number of partners who share and provide information on an extranet system, having an SSL certificate is able to offer more protection from hackers.

* If in case your business partners log in to private information on an extranet, an SSL Certificate helps you to protect them from hackers.

Beneficial data to consider when buying SSL Certificates:

* The Certificate Authority market is quite diverse, but it is better to purchase an SSL Certificate that meets your requirements as well as budget. You can find a number of Secure Sockets Layer Certificate in different price range. The Open Directory Project identifies 22 third parties and offers over 20 root certificates that are included into Firefox and Internet Explorer. However, due to its price, it is dominated only by a few major firms.

* A survey undertaken in June of 2005 by Netcraft set out to find the names of the biggest providers of SSL certificates. This was backed up in 2007 when Security Space attempted a similar search. The top ranker was found to be Equifax, through its Geotrust arm (www.equifax.com), the next was VeriSign plus which utilized their Thawte subsidiary (www.verisign.com) as well as GoDaddy/Starfield (www.godaddy.com),, Comodo (www.comodo.com) and Digicert (www.digicert.com).

In fact, depending on the measurement methodology, these six vendors as a whole have occupied approximately 95% of the total market. The Verisign holds the largest market share of around 72%, followed by Comodo which holds around 18% share, Geotrust with 3.43% of the total market share. Entrust and GoDaddy obtained approximately 2.5 % and 1% respectively. The other vendors hold 3 to 4% on an average.




About the Author:



1 comment:

  1. Web hosting is essential for every website and a web hosting provider should provide secure and reliable hosting services.web hosting provider

    ReplyDelete