What is HTTP?
HTTP is stands for Hypertext Transfer Protocol. HTTP offers set of rules and standards for web browsers & servers to communicate and govern how any information can be transmitted on the World Wide Web.HTTP is an application layer network protocol which is built on top of TCP. HTTP uses Hypertext structured text which establishes the logical link between nodes containing text. It is also known as "stateless protocol".
Advantages of HTTP:
- HTTP can be implemented with other protocol on the Internet, or on other networks
- HTTP pages are stored on computer and internet caches, so it is quickly accessible
- Platform independent which allows cross-platform porting
- Does not need any Run time support
- Usable over Firewalls! Global applications are possible
- Not Connection Oriented; so no network overhead to create and maintain session state and information
Limitations of HTTP
- There is no privacy as anyone can see content
- Data integrity is a big issue as someone can alter the content. That's why HTTP protocol is an insecure method as no encryption methods are used.
- Anyone who intercepts the request can get the username and password.
What is HTTPS?
HTTPS is stands for Hyper Text Transfer Protocol Secure. It is highly advanced and secure version of HTTP. It uses the port no. 443 for Data Communication. It allows the secure transactions by encrypting the entire communication with SSL. It is a combination of SSL/TLS protocol and HTTP. It provides encrypted and secure identification of a network server.Allows you to create a secure encrypted connection between the server and the browser. It offers the bi-directional security of Data. This helps you to protect potentially sensitive information from being stolen.
In HTTPS protocol SSL transactions are negotiated with the help of key-based encryption algorithm.
Advantages of HTTPS
- In most cases, sites running over HTTPS will have a redirect in place. Therefore, even if you type in HTTP:// it will redirect to an https over a secured connection
- SSL technology protects any users and builds trust
- An independent authority verifies the identity of the certificate owner. So each SSL Certificate contains unique, authenticated information about the certificate owner.
- It allows users to perform critical transactions such as online banking.
Limitations of HTTPS
- HTTPS protocol can't stop stealing confidential information from the pages cached on the browser
- SSL data can be encrypted only during transmission on the network. So it can't clear the text in the browser memory
- HTTPS can increase computational overhead as well as network overhead of the organization
Difference Between HTTP and HTTPS
| Parameter | HTTP | HTTPS |
|---|---|---|
| Protocol | It is hypertext transfer protocol. | It is hypertext transfer protocol with secure. |
| Security | It is less secure as the data can be vulnerable to hackers. | It is designed to prevent hackers from accessing critical information. It is secure against such attacks. |
| Port | It uses port 80 by default | It was use port 443 by default. |
| Starts with | http:// | https:// |
| Used for | It's a good fit for websites designed for information consumption like blogs. | If the website needs to collect the private information such as credit card number, then it is a more secure protocol. |
| Scrambling | HTTP does not scramble the data to be transmitted. That's why there is a higher chance that transmitted information is available to hackers. | HTTPS scrambles the data before transmission. At the receiver end, it descrambles to recover the original data. Therefore, the transmitted information is secure which can't be hacked. |
| Protocol | It operates at TCP/IP level. | HTTPS does not have any separate protocol. It operates using HTTP but uses encrypted TLS/SSL connection. |
| Domain Name Validation | HTTP website do not need SSL. | HTTPS requires SSL certificate. |
| Data encryption | HTTP website doesn't use encryption. | HTTPS websites use data encryption. |
| Search Ranking | HTTP does not improve search rankings. | HTTPS helps to improve search ranking. |
| Speed | Fast | Slower than HTTP |
| Vulnerability | Vulnerable to hackers | It Is highly secure as the data is encrypted before it is seen across a network. |
Description of short terms
Secure Sockets Layer (SSL) : is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
Transport layer security (TLS) : is a protocol that provides communication security between client/server applications that communicate with each other over the Internet.
Stateless Protocol : each command is executed separately, without using reference of previous executions .
References Used :- difference-http-vs-https.html
Version :- 1.0.0
No comments:
Post a Comment