TLS Security 1: What Is SSL/TLS

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are cryptographic security protocols. They are used to make sure that network communication is secure. Their main goals are to provide data integrity and communication privacy. The SSL protocol was the first protocol designed for this purpose and TLS is its successor. SSL is now considered […]

Read More →

TLS Security 5: Establishing a TLS Connection

The process of establishing a secure SSL/TLS connection involves several steps. SSL/TLS security protocols use a combination of asymmetric and symmetric encryption. The client and the server must negotiate the algorithms used and exchange key information. For the purpose of explaining this complex process, we use a TLS 1.2 connection, not the most recent TLS […]

Read More →

TLS Security 3: SSL/TLS Terminology and Basics

To understand how Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols works, you must first understand certain basic concepts. The primary mechanism used by SSL/TLS is asymmetric encryption with cipher suites. These and related terms are explained below. Encryption Encryption is the process in which a human-readable message (plaintext) is converted into an […]

Read More →

PHP Security Part 5: Top Tips

This final part in the series on PHP security concludes with tips for building a web application/system with security in mind. There are certain things which if done during the development cycle of a web application, will dramatically help reduce the risk of being exposed to a critical vulnerability. Some of those things include but […]

Read More →