Why use SSL?

The Secure Sockets Layer (SSL) transport protocol provides authenticated, reliable, private data communications over a network connection.

Authentication

To make an environment secure, communication must be with trusted sites whose identities are known. SSL uses digital certificates for authentication — these are digitally signed documents which bind a public key to the identity of the private key owner.

Authentication happens at connection time, and is independent of the application or the application protocol. Authentication involves verifying that sites with which communications are established are who they claim to be. SSL authentication is performed by an exchange of certificates (blocks of data in a format described in the X.509 standard). X.509 certificates are issued and digitally signed by an external authority known as a certificate authority (CA).
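The following added example, which is not part of the original page or of any CICS code, uses Python's standard `ssl` module to show the connection-time settings that decide whether a peer's X.509 certificate is actually checked, on both the client and the server side. The function names and the `role` parameter are assumptions made for illustration.

```python
import ssl

def verified_client_context(ca_file=None):
    """Client context that authenticates the server during the handshake."""
    # create_default_context() requires a CA-signed server certificate and
    # matches the certificate identity against the requested host name.
    return ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)

def unverified_client_context():
    """Client context with authentication switched off (encryption only)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE  # any certificate, from any issuer, is accepted
    return ctx

def server_context(require_client_cert):
    """Server context; optionally demands a certificate from the client too."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.verify_mode = ssl.CERT_REQUIRED if require_client_cert else ssl.CERT_NONE
    return ctx

def authentication_gaps(ctx, role):
    """Return the reasons this context will not authenticate its peer.

    role is "client" or "server" (hypothetical parameter for this example).
    """
    gaps = []
    if ctx.verify_mode == ssl.CERT_NONE:
        gaps.append("peer certificate is not requested or verified")
    elif role == "server" and ctx.verify_mode == ssl.CERT_OPTIONAL:
        gaps.append("peer may connect without presenting a certificate")
    if role == "client" and not ctx.check_hostname:
        gaps.append("certificate identity is not matched against the host name")
    return gaps

if __name__ == "__main__":
    cases = [
        ("verified client", verified_client_context(), "client"),
        ("unverified client", unverified_client_context(), "client"),
        ("server, client certificate required", server_context(True), "server"),
        ("server, anonymous clients", server_context(False), "server"),
    ]
    for label, ctx, role in cases:
        gaps = authentication_gaps(ctx, role)
        print(f"{label}: {'authenticates peer' if not gaps else '; '.join(gaps)}")
```

A context that reports gaps still encrypts the connection, but it does so with a peer whose identity has not been established.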

Authorization

Checks are made to ensure that the authenticated users are permitted to access the system resources needed by the tasks they are performing. These resources can include computer systems, application functions, transactions, programs, databases, files, and other CICS resources.

Data integrity

Information cannot be modified during transmission without the change being detected.

Confidentiality

Information remains private as it passes over the connection. The information exchanged between the sender and receiver is encrypted. Only the client and the server can interpret the information.

Accountability (non-repudiation)

The sender and the receiver both agree that the information exchange took place. Accountability settles any disputes about whether or not the information was sent and received. Digital signatures ensure accountability by enabling the identification of who is responsible if something goes wrong.