iTP Secure WebServer System Administrators Guide (Version 7.5+)
D Security Concepts
This appendix describes basic concepts relevant to setting up and administering the iTP Secure
WebServer:
• “Open Network Security”
• “Cryptographic Techniques”
• “Managing Key Certificates”
• “Transport Layer Security (TLS)”
• “Secure Sockets Layer (SSL)”
• “Deploying TLS and SSL”
• “Comparing TLS and SSL”
Open Network Security
This section discusses these security topics as they relate to security systems on open networks:
• “Encryption”
• “Authentication”
Encryption
Encryption is the transformation of data into a form that only persons who have access to the proper
decryption key can read. Encryption ensures privacy by keeping information hidden from anyone
for whom it is not intended. For example, to keep competitive bidding data from falling into the
hands of your rivals, you might want to encrypt your data before transmitting it to a prospective
client across a public communications link. Or to keep your department's personnel records secure,
you might want to encrypt these records before storing them on hard disk.
In general, encryption works as described here and as shown in Figure 13 (page 269): Romeo wants to
send a private message to Juliet over a public communications link. Romeo encrypts his message
(called the plaintext) with an encryption key, and then sends the encrypted message (called the
ciphertext) to Juliet. Using a decryption key associated with the encryption key used by Romeo,
Juliet decrypts Romeo's ciphertext back into human-readable form.
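Figure 13 Basic Encryption
[Figure: Romeo uses the encryption key to turn the plaintext (A B C) into ciphertext (# % &); Juliet uses the decryption key to turn the ciphertext (# % &) back into the plaintext (A B C).]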
If Capulet, Juliet's father, were to intercept Romeo's ciphertext during transmission, he could not
read Romeo's message unless he could access Juliet's decryption key or break the code by some
other means.
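The exchange in Figure 13, including Capulet's interception, can be run end to end. The following is an added example, not code from this guide or from the iTP Secure WebServer product. It assumes RSA-OAEP from the Go standard library as the cipher (the guide names no algorithm at this point), and the function names Encrypt, Decrypt and Exchange are hypothetical.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Encrypt is Romeo's step: plaintext in, ciphertext out, using only the
// encryption key (here an RSA public key; the algorithm is an assumption).
func Encrypt(encKey *rsa.PublicKey, plaintext []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, encKey, plaintext, nil)
}

// Decrypt is the receiver's step: it succeeds only with the decryption key
// that is associated with the encryption key used by the sender.
func Decrypt(decKey *rsa.PrivateKey, ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, decKey, ciphertext, nil)
}

// Exchange plays out Figure 13 and returns what Juliet recovers and whether
// Capulet, holding a different decryption key, was kept out.
func Exchange(message []byte) (recovered []byte, capuletBlocked bool, err error) {
	juliet, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, false, err
	}
	capulet, err := rsa.GenerateKey(rand.Reader, 2048) // unrelated key pair
	if err != nil {
		return nil, false, err
	}
	ciphertext, err := Encrypt(&juliet.PublicKey, message)
	if err != nil {
		return nil, false, err
	}
	recovered, err = Decrypt(juliet, ciphertext)
	if err != nil {
		return nil, false, err
	}
	_, capErr := Decrypt(capulet, ciphertext) // intercepted copy, wrong key
	return recovered, capErr != nil, nil
}

func main() {
	got, blocked, err := Exchange([]byte("constructed sample message"))
	fmt.Printf("Juliet reads %q, Capulet blocked: %v, err: %v\n", got, blocked, err)
}
```

Direct RSA-OAEP encryption only fits short messages (190 bytes with a 2048-bit key and SHA-256), which is enough for this illustration.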