Recent technological developments in browsers and servers allow internet users to make the most of web services without worrying about fraud. Two examples of internet security systems are: the SSL developed by Netscape and the Secure Hypertext Transfer Protocol (S-HTTP) developed by Terisa Systems, Inc. The success of SSL can be linked to its simple interface and integration in all of the browsers on the market. To see whether the site you are using is protected, you will notice on your browser the presence of a small key or padlock in the case that the server which sends you information is using SSL. The usage of cryptographic techniques, such as encryption or electronic signatures allow: browsers and servers to authenticate each other and secure the information that passes between them, site owners to control access to particular servers, directories or services and for confidential information to be exchanged between browser and server whilst remaining inaccessible to third parties. This ensures that data exchange between browser and server cannot be corrupted accidentally or intentionally without detection.
The certifications used to authenticate web servers and their clients via the protocols like SSL and S-HTTP are called cybersecurity certificates. The key or a padlock which appears on the browser during a secure session via the protocols SSL or S-HTTP is an example of a cybersecurity certification. Without these certificates the SSL or S-HTTP protocols cannot guarantee the security of your session. A certificate usually contains a public key, a name as well as other fields to identify the owner: an expiration date, a serial number, the name of the organisation which countersigns the certificate as well as the signature itself. It functions as an electronic passport: proving your identity and is generated by a third party or an independent organisation which controls the legitimacy of this information. This Certifying Authority (CA) can be compared to the passport office in this sense. It verifies your identity, creates a recognisable and reliable certification to certify the verification of your identity and gives you this document as proof.
A certification authority is a trusted and responsible authority which: issues the certificate used for the individual identification and identifies the systems and other parties using an information network. The individual will provide the servers that they want to use with their personal, third party signed certification which the server will then use to guarantee security. The user will keep only a single certificate (their own which is in some senses their electronic signature) and will only retain a single password (that which protects their certificate). This system not only makes browsing easier but also assists the server administrator. Effectively, it is just like giving you the security of making a payment in store but whilst you are shopping online.
For a complex electronic network, third party certification is necessary due to the many connections between servers. Whilst the servers and clients are not connected, they share an interest: secure browsing. The CA is the go between. Because both parties trust the CA (which signs the certificates of both parties), both of their identities are thus verified and the parties know that they are both to be trusted. The session can therefore take place without the risk of fraudulent activity.