Overview of HTTPS and VPN

Overview of HTTPS and VPNHTTPSHTTPS (originally developed by Nestscape) stands for HyperText Transport Protocol Secure and is basically similar to an HTTP but uses a Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer for security purposes. It enables inviolate communication and assignion in the midst of a remote user and a tissue server by encrypting and decrypting pages that are requested, delivered and received.For example, while using the entanglement page that has a prefix https//, when the user clicks Send, to transmit the page back to the vendor or service provider, the HTTPS layer from the users browser will encrypt it. Likewise, the acknowledgment returned by or received from the server will likewise be transmitted in encrypted form, i.e., it will be delivered and will arrive encrypted, in turn to be decrypted for the user by the HTTPS sublayer of the users browser. In the likelihood that connection is compromised and intermediary hackers/attack ers acquire the information being transmitted via HTTPS, the information would be undecipherable. Note that the decrypted selective information arriving at its destination is only as secure as the host computer. (Rouse.)Additionally, secure web sites also typically display a small padlock icon somewhere next to the URL. By clicking the lock icon, one is able to view the secure certificate that authenticates the website. (Christensen.) Not only is it the de facto communications protocol for conducting sensitive transactions on the web (especially ones that involve credit card and bank account information), it can also protect users from censorship by a government or an ISP. (ComputerHope.com.)SSL (Secure Sockets Layer) is a popular implementation of earth- disclose encryption. Once the browser sends out the public linchpin and the certificate, it checks to reconstruct sure that (1) the certificate is provided by a trusted party (2) the current certificate is valid and (3) the cer tificate has a relationship with the site generating it. The public winder is used to encrypt a randomly selected symmetric key. In other words, most systems use a combination of public key and symmetric key encryption. Under a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. When the session is completed, each computer disposes the key that was created and that was used for the particular session. For any ensuing sessions, a new symmetric key is created, and the routine is repeated. (ComputerHope.com.)VPNVPN (Virtual Private Network) is a private network that uses a public network to connect remote sites or users together instead of using a dedicated line or physical network connection. The virtual connections are routed through the Internet from a private network (such as a company) to the remote site (such as an employee). The technology enables the creation of an encrypted connection over a less secure network. A well-designed VPN incorporates security, reliability, scalability, network management and policy management (Cisco.com.)Two common types of VPNRemote-Access (or, Virtual Private Dial-up Network VPDN), is a user-to-LAN connection created by a company for its employees who are on various remote locations and who need to connect to the private network.Site-to-Site (categorized into intranets or extranets) uses dedicated equipment and large-scale encryption and can connect multiple fixed sites over a public network such as the Internet, or over a large distance (much like a WAN), with each site needing only a local connection to the same public network. (Cisco.com.)In order to gain access to the private network, a user must first be authenticated by using a unique PIN (personal identification number) and a password. The PIN changes according to a circumstantial frequency, usually every 30 seconds or so. VPN technology uses complex algorithm encryption to guarantee secure and private communication as well as to prevent any unintentional or unauthorized interception of data between private sites. (whatismyipaddress.com.)Commonality/DifferenceVPNs use IPSec (Internet Protocol Security) connection to tunnel between the two endpoints and require third-party hardware and/or software. An extra layer of security is provided since in order to access or connect to a VPN, the remote tress must have an IPSec client software application installed but must also have it properly configured. In other words, although all data/ calling is encrypted, users on can only access the encrypted applications that they are configured to access in the SSL VPN connection and not the entire network. (Lifewire.com.)HTTPS relies on SSL, which is a common protocol that most web browsers have built in. The secure connection exists between the users browser and the server or a specific web site. All data exchanged between the two are encrypted. Unlike VPN, it does not provide access to anythin g other than what is currently being communicated. Comparatively, it does not require an authentication codification or PIN. Instead it creates a temporary public or symmetric key, which is discarded as soon as the communication is finished.