The use of encryption algorithms allows to avoid a number of potential risks related to hijacking information in transmission channel.
An industry standard for securing applications is the HTTPS SSL encryption, which is supported by all browsers and does not require additional components to be installed on client side. The certificate can be obtained from the Verisign company: http://www.verisign.com/
In Russia, the SSL certificate can be obtained via the provider or the RBC company: http://ssl.rbc.ru/
The following certified Russian data encryption standards are used to secure web resources:
• GOST R 34.10-94 and GOST R 34.11-94 stipulate the process of issuing and verifying the digital sign for the client authentication as well as authorization and providing the legal validity of digital documents for exchange via TSL connection;
• GOST 28147-89 stipulates the process of data encryption and counterfeit protection to ensure the confidentiality and integrity of information transferred via TSL connection.
Additional information about the encryption mechanisms is available on the DIGT site.
