The 2018 China Internet Security Conference (ISC) was recently held in Beijing. Experts from China’s Central Cyberspace Affairs Commission, Ministry of Industry and Information Technology, Ministry of Public Security and Internet security companies participated in in-depth discussions on network security challenges in the era of digital transformation. Hequan Wu, ISC’s Honorary President, believes that Internet applications have changed network environment, and the boundaries between physical and virtual network are disappearing. Security protection will become the core component of informationization.
To enhance website security, an increasing number of companies are deploying Security Socket Layer (SSL) certificate, enabling HTTPS for their websites. According to the statistics from ESET, an IT security company, 51.8% of the top one million websites have enabled HTTPS, comparing to 38.4% in February 2018.
Reasons behind the HTTPS transformation
HTTP data run unencrypted in the network
A major flaw of HTTP is its cleartext protocol, which can be exploited by hackers to cause security issues including data breaches, data manipulations, traffic hijacking and phishing attacks.
Web pages are more vulnerable to tampering and hijacking under HTTP protocol
There is a mature industry chain of stealing user information through webpage tampering and manipulation. HTTP protocol is not secured enough to handle the attacks.
With the prevalence of WIFI access comes security risks
WIFI hotspot and mobile network are more vulnerable to data hijacking and manipulations.
Website identities cannot be verified under the HTTP protocol
The HTTP protocol cannot verify the identities of the communicating parties. Anyone can use a fake server to deceive and phish end users without them knowing.
HTTPS protocol is more reliable because of the SSL certificate. It verifies the identity of the server and encrypts the communication between the browser and the server, thus greatly improving the security of the website.
Advantages of HTTPS
Protect the confidentiality of data transmission
Data is encrypted with session keys using RSA/DH algorithm. Plaintext is not available on the network
Protect data completeness
Use MAC algorithm to verify the integrity of the message and to avoid illegal tampering of data transmitted in the network
Ensure private key security
Use an asymmetric encryption mechanism to ensure that the private key is secure and establish a legit encrypted channel with the client.
Guarantee user legitimacy
Determine whether the sender is legit by encrypting, decrypting and verifying the digital signature.
ChinaCache HTTPS Acceleration Solution
Customers can upload their SSL certificates in ChinaCache self-service portal and deploy to CDN nodes with a single click. Once the certificates take effect, encrypted content will be sent to the nodes closest to end users. The edge servers will then use the private key to feed the content to the end users.
- Partner with leading global certificate authorities to provide quality services;
- Self-service system and seamless integration with ChinaCache CDN network. Full-scale deployment takes effect in as little as five minutes at no additional cost.
- All servers on ChinaCache CDN network support TLS 1.3 and HTTP 2.0
- Effectively prevent hijacking and data manipulation on mobile network
- Use 16core 10G NIC to ensure download speed while protecting data security
- Offer flexible solutions, including lightweight deployment, dual/multi-certificate deployment and private-key-less deployment to meet different business needs.
ChinaCache always takes the security of our customers’ data seriously. We also provide a managed WAF solution to combat cyber attacks. To learn more about it, click here.