Question

In: Computer Science

TEKSEC is a marketing business and is required to have a web server open to public...

TEKSEC is a marketing business and is required to have a web server open to public however, they must provide secure communication between public customers and the webserver. Please explain what would be the right encryption solution for this seceneario. Also using a diagram please show the process of obtaining the encryption key by TEKSEC and customers.

Solutions

Expert Solution

Given that: TEKSEC is a marketing business and it is required to have a web server open to public however on the same time they must provide secure communication between public customers and webserver.

The right encryption solution for the above scenario is use of SSL or TLS.

Basically, HTTP(i.e Hyper text transfer protocol) is a protocol which is used to deliver the data from the client( i,e web browser) to the server or HTTP is a way of communication between server and browser.

but there is a limitation of the HTTP protocol, that is it transfer the data in clear text format. so, as our websites are getting advanced and we are passing credit card information, log in information,or another bunch of sensitive information that needs encryption or data to be secured from cybercriminals or hackers.

here comes the HTTPS( i.e hypertext transfer protocol secure) protocol that is a secure version of HTTP protocol. It simply makes the encryption when request or data is traveling from web browser to web server so that if any cybercriminal picks up the information from the server, they get data in an encrypted format and do not do any modification.

HTTPS protocol works either of two things that are SSL( secure socket layer) or TLS( transport layer security). SSL is used for encrypted data that is sent from a web browser to the server. In short, SSL is the one that provides a secure communication between two systems by encrypting the sensitive data. TLS is just an updated version of SSL that provides more security in terms of encryption.

Now, these both use PKI( i.e public key infrastructure). further, PKI uses two keys that is a public key and private key. so, anything which is encrypted using public key can be decrypted using private key or anything which is encrypted using private key can be decrypted using public key.

also, encrypted data is in form of ciphertext which further decrypted in plain text format to make it readable again.

Diagram that shows the process of obtaining encryption key by TECSEC and Customers are:

as discuss earlier, different keys are used to encrypt or decrypt the data. so, if data is to be encrypted using public key can be decrypted using private key or vice versa.


Related Solutions

Web Server is the computer that stores Web Server Software and Website. If you are running...
Web Server is the computer that stores Web Server Software and Website. If you are running some service like Food Panda which type of Hosting Server will be used. Answer your question by discussion and comparison of different types of web hosting? If you have low budget so what will be the best possible hosting plan in this situation? Justify your answer by logical reasoning.
Discuss the main similarity and difference between a dedicated web server and a co-located web server....
Discuss the main similarity and difference between a dedicated web server and a co-located web server. Group of answer choices Both of them are mainly used for small to medium-size web sites. Both of them are mainly used for large to enterprise-size web sites. Both of them are kept and connected to the Internet at the web host provider's location. One of them is kept and connected to the Internet at the web host provider's location, while the other is...
A small company network have multiple servers (including a web server, a log server, DNS servers,...
A small company network have multiple servers (including a web server, a log server, DNS servers, a file server for inventory information and customer orders, but no email server) , two firewalls, DMZ, and PCs. The company sales products online. a). Suppose that you are a system administrator. What types of network connections will you allow to be established with the servers in the DMZ from the Internet? b). What are the points of entry for attackers? c). How do...
Describe the process involving the transmission of a Web page from a Web server to a...
Describe the process involving the transmission of a Web page from a Web server to a user’s computer.
AWS screenshot of a view of the web browser connection to your web server via the...
AWS screenshot of a view of the web browser connection to your web server via the load balancer (step 5 of this lab document).
How are the web frameworks - Spring, Google Web Toolkit, and Java Server Faves - similar...
How are the web frameworks - Spring, Google Web Toolkit, and Java Server Faves - similar and how are they different?
Suppose Alice and Bob have RSA public keys in a file on a server. They communicate...
Suppose Alice and Bob have RSA public keys in a file on a server. They communicate regularly, using authenticated, confidential message. Eve wants to read the messages but is unable to crack the RSA private keys of Alice and Bob. However, she is able to break into the server and alter the file containing Alice’s and Bob’s public keys. (1) How should Eve alter the file to so that she can read confidential messages sent between Alice and Bob, and...
How does a Web server perform its basic functions
How does a Web server perform its basic functions
(3) -> The arrival of packets at an Ethernet adapter of a web server is described...
(3) -> The arrival of packets at an Ethernet adapter of a web server is described by a Poisson process with a rate of 100 packets per second . Packets that arrive to the Ethernet adapter described in the above problem (3) are queued up in a buffer until processed by the Interrupt Service Routine (ISR). Assuming that the ISR service time per packet is exponential with an average of 9.6 milliseconds. Answer the following questions: (a) What is the...
In this assignment, you will develop a simple Web server in Python that is capable of...
In this assignment, you will develop a simple Web server in Python that is capable of processing only one request. Specifically, your Web server will (i) create a connection socket when contacted by a client (browser); (ii) receive the HTTP request from this connection; (iii) parse the request to determine the specific file being requested; (iv) get the requested file from the server’s file system; (v) create an HTTP response message consisting of the requested file preceded by header lines;...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT