Advantages And Disadvantages Of Browser Security

910 WordsOct 19, 20174 Pages
Abstract: HTTPS has become the standard in securing browser based communications. This paper presents a description of the advantages/disadvantages of HTTPS implementation and discusses whether all web communications should require HTTPS as well as clearly stating how HTTP and HTTPS differ. Finally, a practical guide will be described regarding how web servers must be set up for HTTPS transactions and how HTTPS would protect a user on public networks. 1 Introduction To demonstrate the importance of browser security, there are more than $1.2 million dollars’ worth of online sales every 30 seconds (Bennett, 2014). Hence a form of browser security is vital for securing communications between buyer and seller, this includes payment details…show more content…
Finally, if a website’s TLS/SSL is configured incorrectly and some parts of the website are still being served with HTTP (usually third-party advertising/social media widgets) then a browser will display a warning informing the user that the website is serving insecure content. This can be a deterrent for users who users who are unaware of what exactly the message means. Hence it is important that websites test whether they are hosting any unsecured third-party content (SSL.com, 2014). There are several steps to configuring HTTPS on a web server. First, it is vital that the web server is hosted on a server with a dedicated IP address. For example, a personal web server connected to a home router, will most likely have a dynamic IP addresses which can change frequently and hence will not be suitable. Or furthermore, some web serving hosts will assign the server a ‘shared’ IP address. Meaning web servers will serve up different webpage content depending on the hostname entered by the user. To rectify this, the server owner must talk to their internet provider or hosting services to make sure they have a dedicated IP address. The next step is purchasing a SSL certificate from a trusted CA. The certificate is what assures visitors to the website, that the website is in fact who they claim to be. The CA then signs this certificate to prove that the website is authentic. Web hosts often provide SSL certs, otherwise a third party can be used such as Digicert (which
Open Document