2.5 Certificate-based authentication

Previous page
Table of content
Next page

2.5    Certificate-based authentication

The SSL and TLS protocols are the security technology of choice for the WWW and, indeed, most Web applications. As further addressed in Chapter 6, these protocols can be used to have a Web browser and a server authenticate each other, [14] establish a session key, and use this key to transparently encrypt, decrypt, and authenticate data segments that are exchanged between them. Consequently, this protocol can also be used to have a Web server (or HTTP proxy server) properly authenticate its users. This makes user authentication and authorization simple and straightforward. On the other side, however, it also requires that servers and browsers be equipped with public key certificates. Public key certificates and the establishment and use of corresponding infrastructures is further addressed in Chapters 7 and 8.

[14] Server-side authentication is mandatory in SSL and TLS, whereas client-side authentication is optional.



Previous page
Table of content
Next page
Security Technologies for the World Wide Web
Security Technologies for the World Wide Web, Second Edition
ISBN: 1580533485
EAN: 2147483647
Year: 2003
Pages: 142
Authors: Rolf Oppliger
BUY ON AMAZON
Lotus Notes and Domino 6 Development (2nd Edition)
Kanban Made Simple: Demystifying and Applying Toyotas Legendary Manufacturing Process
SQL Hacks
Microsoft Windows Server 2003(c) TCP/IP Protocols and Services (c) Technical Reference
Extending and Embedding PHP
MPLS Configuration on Cisco IOS Software
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy