SSL is the Secure Socket Layer. It is a protocol that encrypts a single TCP session. Using this Asymmetric Encryption, all data exchanged over a TCP socket can be cryptographically protected. SSL is the base of HTTPS - the secure World-Wide Web protocol.

SSL was designed by Netscape using algorithms invented by RSA (Rivest-Shamir-Adelman). Commercial implementations may be purchased from RSA. A free and robust implementation called SSLeay is also internationally available. Check your local legislation about Encryption to see if your government will let you download and use this software.

Other protocols, such as LDAP, can be run over SSL, and thereby secured.

Return to IT Security Concepts