Transport Layer Security
Transport Layer Security provides a way for you to create a secure network connection between a client and a server by encrypting the connection between both entities. Transport Layer Security is similar to Security Socket Layers because both protocols provide security for applications such as email, Instant Messaging, Web browsing, VoIP (Voice over Internet Protocol).
How Transport Layer Security Works
Transport Layer Security is used within organizations that use payment processes, store sensitive data such as medical information, or collect confidential information from the users on the network, and can also be used by other businesses that want to secure network connections between the client and the server.
Transport Layer Security involves the use of an encryption system which utilizes a digital certificate which is formulated to identify the network owner, as well as create public keys that are used to encrypt communications over the network. The certificate is installed on the portion of the server that requires encryption.
When the client logs onto the network, a message is sent to the server that identifies the client. The server will then return a message and list the cryptographic methods that are to be used for communication to ensure the client and the server are communicating in the same language.
Different Types of Transport Layer Security
There are several different types of Transport Layer Security depending upon the encryption requirements for the organization.
- Web Server Transport Layer Security: This type of encryption protects the data when the client connects to the Internet to send data through a Web browser or website. The TLS encryption provides a secure Web server and prevents the data from being intercepted by an unauthorized user.
- Email Server Transport Layer Security: To secure communications between the email client and the server, a digital certificate is installed on the email server to provide encrypted communications when sending and receiving confidential information via email.
- Virtual Private Network Security: Transport Layer Security works to secure a virtual private network appliance by installing a digital certificate on the VPN appliance that provides an encrypted connection between the remote user and the network that they are accessing.
- Database and Directory Security: Organizations deploy Transport Layer Security to encrypt server queries for databases and directories that contain sensitive data and information.
Before using Transport Layer Security it is important to determine which client-server applications need to be secured before seeking digital certificate from a reputable certification authority that can prove the identity of the certificate owner.