What is SSL - Secure Sockets Layer
A network protocol which provides security to web-based network traffic. A
connection is established with the server which sends a digital certificate to
the browser/user system to verify its authenticity. The client then generates a
random session encryption key which it sends to the server. The latter uses its
own private key to decrypt the client's session key. This results in both
parties having a shared secret key to protect encrypted information. The SSL
also allows each party to check that data has not been modified in transit (i.e.
check its integrity) by using a hash function.
SSL is used to secure web server accesses, but it should be noted that it
only protects information in transit; once decrypted and processed or stored by
the web server (e.g. in a database), the information is no longer protected.
© Crown Copyright. Material taken from the DTI - Department for Trade and Industry. Reproduced under the terms and conditions of the Click-Use Licence.