Access your Pro+ Content below.
Tackling SSL vulnerabilities for secure online transactions
This article is part of the January/February 2012 issue of Information Security magazine
Despite the economic gloom, business is booming on the Internet. An IBM study of 500 retailers reported that online Black Friday sales were up 24.3 percent year-over-year, while according to statistics from U.K.-based online retail software company MetaPack, online sales in December were up 30 percent and the last week before Christmas saw almost double the sales compared with last year. Critical to this success and the ongoing viability of any kind of Internet business is the ability of customers to complete secure transactions online. Whether it’s a financial transaction or logging into an online account, users need to be able to verify who they are communicating with and know that the contents of that communication are safe. However, a number of attacks on high-profile certificate authorities last year have highlighted the fallibility of Web server certificates, while the security of Secure Sockets Layer (SSL), the protocol behind secure online transactions, has been called into question. In this article, we’ll examine the ...
Features in this issue
Attackers are targeting new vectors such as smartphones, social media and cloud services. Enterprises need to up their game.
Managing mobile device risks tops the list of priorities for security pros this year.
A rash of CA breaches shows up weaknesses in the SSL infrastructure. Take action to protect your customers and employees.
Security experts say there are better alternatives to copyright protection.
Columns in this issue
An examination of three cases illustrates that it’s not always a clear case of good vs. evil.
Security expert Marcus Ranum talks with Joel Yonts, a seasoned security executive with a passion for information security research.
Prominent security and Internet thinkers and leaders have become an effective lobby on Capitol Hill and played a big role in squashing SOPA.