SSL

Secure Sockets Links (SSL) is a network protocol developed by Netscape for securing transmitted documents, webpage data, etc over the Internet.

Now Google uses SSL to encrypt and secure searches done through their web search engine. Note: some features on web pages will not work because they are not SSL capable. Here is the official Google blog about it: Link

Image link

Now the hard part. I will attempt to explain the complex SSL protocol. First you must know what cryptography is. It makes data hidden to the public, and only private members/users can access the data. SSL is a transport protocol that makes up part of the Secure File Transport Protocol (SFTP). SFTP can also be based on Secure Shell (SSH), which is another transport protocol. SSL can also be used for securing e-mail transmissions.

[1] SSL uses a public key to encrypt data that is traveling over the connection. Transport Layer Security (TLS) is a protocol that guarantees privacy, and data integrity between applications communicating over the Internet. TLS is an extension of SSL, and i will refer to them as SSL/TSL.

[1] SSL/TSL protocol is made up of two layers. The TLS Handshake Protocol allows authentication between the server and the client. There is a negotiation of an encryption algorithm and cryptographic keys before any actual data is transmitted.

[1] The TLS Record Protocol is layered on top of a reliable transport protocol, such as the Transmission Control Protocol (TCP). It ensures that a connection is private by using data encryption, and that the connection is reliable. The TLS Record Protocol also is used to encapsulate higher-lever protocols, such as the TLS Handshake Protocol.

[1] Using SSL/TSL, SFTP provides protection from man-in-the-middle attacks because the server is authenticated with the client. In addition, it protects against packet sniffing during transmission because the data is encrypted.

How it works link

[1]Security+ Guide to Network Security Fundamentals Third Edition