Page 49 - ITU-T Focus Group Digital Financial Services – Consumer Experience and Protection
P. 49

ITU-T Focus Group Digital Financial Services
                                               Consumer Experience and Protection



               B.2.2  HTTP

               The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia
               information systems. HTTP is the foundation of data communication for the World Wide Web. Hypertext is
               structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to
               exchange or transfer hypertext.
               HTTP functions as a request-response protocol in the client-server computing model. A web browser, for
               example, may be the client and an application running on a computer hosting a web site may be the server.
               The client submits an HTTP request message to the server. The server, which provides resources such as HTML
               files and other content, or performs other functions on behalf of the client, returns a response message to the
               client. The response contains completion status information about the request and may also contain requested
               content in its message body.


               B.2.3  HTTPS

               HTTPS (also called HTTP over TLS, [1] [2] HTTP over SSL, [3] and HTTP Secure [4] [5]) is a protocol for
               secure communication over a computer network which is widely used on the Internet. HTTPS consists of
               communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer
               Security or its predecessor, Secure Sockets Layer. The main motivation for HTTPS is authentication of the visited
               website and to protect the privacy and integrity of the exchanged data.

               In its popular deployment on the internet, HTTPS provides authentication of the website and associated web
               server with which one is communicating, which protects against man-in-the-middle attacks. Additionally, it
               provides bidirectional encryption of communications between a client and server, which protects against
               eavesdropping and tampering with and/or forging the contents of the communication.

















































                                                                                                       41
   44   45   46   47   48   49   50   51   52   53   54