Setting Up a Secure Apache 2 Server
This hour explains how to set up an Apache server capable of secure transactions. In this hour, you will learn:
The installation and configuration of the mod_ssl Apache module
The SSL/TLS family of protocols and the underlying cryptography concepts
What certificates are and how to create and manage them
The Need for Security
As the Internet became mainstream and the number of companies, individuals, and government agencies using it grew, so did the number and type of transactions that needed protection. Those include financial transactions, such as banking operations and electronic commerce, as well as exchange of sensitive information, such as medical records and corporate documents. There are three requirements to carry on secure communications on the Internet: confidentiality, integrity, and authentication.
Confidentiality
Confidentiality is the most obvious requirement for secure communications. If you are transmitting or accessing sensitive information such as your credit card number or your personal medical history, you certainly do not want a stranger to get hold of it.
Integrity
The information contained in the exchanged messages must be protected from external manipulation. That is, if you place an order online to buy 100 shares of stock, you do not want to allow anyone to intercept the message, change it to an order to buy 1000 shares, or replace the original message. Additionally, you want to prevent an attacker from performing replay attacks, which, instead of modifying the original message, simply resend it several times to achieve a cumulative effect.
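The tampering and replay cases described above, as an added example that is not part of the original text: a receiver that checks a keyed hash (HMAC-SHA256) and a sequence number on each order. The key, message layout, and the names seal, Receiver, and demo are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets

TAG_LEN = 32  # HMAC-SHA256 output size in bytes
KEY = secrets.token_bytes(32)  # constructed shared key, known to both parties

def seal(key, seq, order):
    """Sender: serialize the order with a sequence number, append an HMAC tag."""
    body = json.dumps({"seq": seq, "order": order}, sort_keys=True).encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    def __init__(self, key):
        self.key = key
        self.next_seq = 0  # the only sequence number accepted next

    def accept(self, message):
        """Return the order if it is unmodified and fresh, else raise ValueError."""
        if len(message) <= TAG_LEN:
            raise ValueError("truncated message")
        body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many tag bytes matched.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed")
        record = json.loads(body)
        # The sequence number is covered by the tag, so it cannot be rewritten.
        if record["seq"] != self.next_seq:
            raise ValueError("replayed or out-of-order message")
        self.next_seq += 1
        return record["order"]

def demo():
    """Run a genuine, a modified, and a resent message through one receiver."""
    rx = Receiver(KEY)
    msg = seal(KEY, 0, {"action": "buy", "shares": 100, "symbol": "EXMP"})
    tampered = msg.replace(b"100", b"1000", 1)  # constructed: 100 shares -> 1000
    results = []
    for label, m in [("genuine", msg), ("tampered", tampered), ("replayed", msg)]:
        try:
            rx.accept(m)
            results.append((label, "accepted"))
        except ValueError as err:
            results.append((label, str(err)))
    return results

if __name__ == "__main__":
    for label, outcome in demo():
        print(f"{label}: {outcome}")
```

The resent message carries a valid tag, so only the sequence check rejects it; integrity protection alone does not stop replay.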
Authentication
You need to decide whether to trust the organization or individual you are communicating with. To achieve this, you must authenticate the identity of the other party in the communication.
The science of cryptography studies the algorithms and methods used to securely transmit messages, ensuring the goals of confidentiality, integrity, and authenticity. Cryptanalysis is the science of breaking cryptographic systems.