Transport Layer Security or TLS, widely known also as Secure Sockets Layer or SSL, is the most popular application of public key cryptography in the world. It is most famous for securing web browser sessions, but it has widespread application to other tasks.
TLS/SSL can be used to provide strong authentication of both parties in a communication session, strong encryption of data in transit between them, and verification of the integrity of that data in transit.
TLS/SSL can be used to secure a broad range of critical business functions such as web browsing, server-to-server communications, e-mail client-to-server communications, software updating, database access, virtual private networking and others.
However, when used improperly, TLS can give the illusion of security where the communications have been compromised. It is important to keep certificates up to date and check rigorously
for error conditions.
In many, but not all applications of TLS, the integrity of the process is enhanced by using a certificate issued by an outside trusted certificate authority.
This paper will explore how TLS works, best practices for its use, and the various applications in which it can secure business computing.