Online Security and Certification


by Shaleen S
It is no surprise that, every once in a while, one hears people voicing concern about online safety whenever a transaction is involved. According to data compiled in 2005 by Forrester Research, 84% of the population thought that online retailers were not providing enough security, and 24% of people did not perform online transactions at all for the same reason.

But it’s not the same anymore. Another study suggests that a large part of the population did not know what the lock symbol meant when it appeared. The lock symbol signifies that the website is secured and that the information is sent only to the intended party. Each lock symbol therefore rests on two things: a PKI (Public-Key Infrastructure) and CAs (Certificate Authorities), which issue the digital certificates and vouch for the owner’s identity. On that basis an SSL (Secure Sockets Layer) connection is established between the parties. An SSL connection encrypts the data, so it is virtually impossible to retrieve any information by keylogging or any such method. SSL has many applications and is used more widely than one might imagine, in places like email, simple web browsing, instant messaging and so on. One of the easiest ways to recognize it is to look at the URL, or web address: while most website addresses start with “HTTP”, a secured website’s address starts with “HTTPS”, where the extra ‘s’ indicates a secured connection. The successor to SSL is TLS (Transport Layer Security), an upgrade to SSL that provides more security. There have been several versions of it, and upgrades keep coming as security needs change and online transactions increase.

Like most things, certificates expire and have to be renewed. A certificate can stop being valid in several ways, mainly because the period it was issued for is over, because the company itself revoked it, or because the CA revoked it. Therefore, one has to be careful about the fine line. One can always verify the authenticity of a website by looking at its digital certificate. Again, there are two ways to check the certificate: by CRL (Certificate Revocation List) or by OCSP (Online Certificate Status Protocol). Checking a CRL is a very tiresome process: if, for instance, 200,000 certificates have been revoked, the browser slows down because it has to check a list of 200,000 entries. OCSP is a newer approach. It checks the live status of a certificate and returns real-time information. Most browsers come with OCSP built in.
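The checks described above, as an added example that is not part of the original article: it classifies a certificate as not yet valid, expired, revoked or good, and lists the OCSP and CRL addresses the certificate advertises. It assumes the dictionary shape returned by Python's `ssl.SSLSocket.getpeercert()`; the sample certificate, its host names and the revoked-serial set (a stand-in for a downloaded CRL) are constructed.

```python
import ssl
from datetime import datetime, timezone

# Constructed sample in the shape returned by ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("commonName", "shop.example"),),),
    "serialNumber": "0A1B2C",
    "notBefore": "Jan  5 00:00:00 2024 GMT",
    "notAfter": "Jan  5 00:00:00 2025 GMT",
    "OCSP": ("http://ocsp.ca.example",),
    "crlDistributionPoints": ("http://crl.ca.example/ca.crl",),
}

# Constructed stand-in for a parsed CRL: serial numbers the CA has revoked.
SAMPLE_CRL_SERIALS = {"0A1B2C", "FFEE01"}


def cert_status(cert, now, revoked_serials=frozenset()):
    """Return 'not-yet-valid', 'expired', 'revoked' or 'good' for `cert` at `now`."""
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    ts = now.timestamp()
    if ts < not_before:
        return "not-yet-valid"
    if ts > not_after:
        return "expired"  # validity period is over; renewal is required
    # CRL-style check: look the serial up in the full list of revoked serials.
    if cert["serialNumber"].upper() in {s.upper() for s in revoked_serials}:
        return "revoked"
    return "good"


def revocation_sources(cert):
    """List where a client can ask about revocation: OCSP responders and CRL URLs."""
    return {
        "ocsp": list(cert.get("OCSP", ())),
        "crl": list(cert.get("crlDistributionPoints", ())),
    }


if __name__ == "__main__":
    when = datetime(2024, 6, 1, tzinfo=timezone.utc)
    print(cert_status(SAMPLE_CERT, when, SAMPLE_CRL_SERIALS))
    print(revocation_sources(SAMPLE_CERT))
```

A certificate inside its validity dates can still be revoked, which is why the date check alone is not enough.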

With all these facts in mind, online transactions have become much safer, more secure and easier to use. Still, one always has a slight concern in the back of the mind.

 

Reference:

Winkle, William V. “Processor Editorial Article.” Object Moved. 24 Apr. 2009. Web. 07 Apr. 2012. <http://www.processor.com/editorial/article.asp?article=articles/p3113/48p13/48p13.asp>.