What is S-HTTP (Secure HTTP) Protocol?
In this tutorial, we are going to see What is S-HTTP (Secure HTTP) Protocol?
S-HTTP (Secure HTTP) is a process for securing HTTP transactions based on an enhancement to the HTTP protocol developed in 1994 by EIT (Enterprise Integration Technologies). It is used to provide security for e-commerce transactions by encrypting messages to ensure the confidentiality of customers’ credit card numbers or other personal information. An implementation of S-HTTP has been developed by Terisa Systems to include security at the web server and browser level.
How S-HTTP works?
Unlike SSL, which works at the transport layer, S-HTTP provides message-based security on top of the HTTP protocol by individually encrypting HTML documents with certificates. While SSL is independent of the application used and encrypts the entire communication, S-HTTP is very strongly tied to the HTTP protocol and encrypts each message individually.
S-HTTP messages are based on three components:
- The HTTP message
- The sender’s cryptographic preferences
- The recipient’s preferences
Thus, to decrypt an S-HTTP message, the recipient of the message analyzes the message headers to determine the type of method that was used to encrypt the message. Then, using its current and previous cryptographic preferences, and the sender’s previous cryptographic preferences, it is able to decrypt the message.
S-HTTP vs SSL:
While SSL and S-HTTP used to be competitors, many people realized that the two security protocols were complementary, as they do not work at the same level. In this way, SSL provides a secure Internet connection while S-HTTP provides secure HTTP exchanges.
In this way, the company Terisa Systems, specialized in network security, trained by RSA Data Security and the EIT, has developed a development kit that allows developers to develop Web servers that implement SSL and S-HTTP (SecureWeb Server Toolkit), as well as Web clients that support these protocols (SecureWeb Client Toolkit).
- What is S/MIME and How Does It Work?
- What is SET(Secure Electronic Transaction) Protocol?
- What is S-HTTP (Secure HTTP) Protocol?
- What is SSH Used For?
- What is SSL and How does it Work?
- What is PGP(Pretty Good Privacy) in Cryptography?
- What is RSA in Cryptography?
- What Is DES (Data Encryption Standard)?
- Vigenère Cipher with Example
- What is a Digital Certificate in Cryptography?
- What is a Digital Signature in Cryptography?
- What is Session Key in Cryptography?
- Asymmetric Encryption
- Symmetric Encryption
- What is Transposition Cipher With Example?
- What is ROT13 and How Does it Work?
- What is the Caesar Cipher?
- Substitution Cipher with Example
- What is Cryptography in Computer Network?
- Computer Security MCQs – Multiple Choice Questions and Answers – Part 1
- Computer Security MCQs – Multiple Choice Questions and Answers – Part 2
- Computer Security MCQs – Multiple Choice Questions and Answers – Part 3
- Computer Security MCQs – Multiple Choice Questions and Answers – Part 4
- Web Security And Transport Layer Security (TLS)
- IT Security & Data Protection: Similarities and Differences
