Authentication: this assures your browser that your data is being sent to the correct computer server, and that the server is secure.

Encryption: this encodes the data, so that it cannot be read by anyone other than the secure server.

Data Integrity: this checks the data being transferred to ensure it has not been altered.

Our Shopping Center accepts...

Top Page

Daily Mail 13/1/99

The dangers of e-commerce have been exaggerated. Stepping into the huge chasm of cyberspace does take a little getting used to, but in reality you take as big a risk handing your credit card to a waiter as you do when you enter the details into a website.

The Guardian 14/1/99

What is SSL?
Recent developments in browser/server technology have made it easy for people to use Web services without worrying about electronic fraud. Two examples are Secure Sockets Layer (SSL) developed by Netscape, and Secure Hypertext Transfer Protocol (S-HTTP) developed by Terisa Systems, Inc. Both of these security protocols have been submitted to the Internet Engineering Task Force (IETF) as an Internet-Drafts. Basically, these protocols allow the browser and server ends of a Web session to authenticate one another and secure information which subsequently flows between them. Through the use of cryptographic techniques such as encryption and digital signature, these protocols:

Allow Web browsers and servers to authenticate each other; Permit Web site owners to control access to particular servers, directories, files or services; Allow sensitive information (e.g., credit card numbers) to be shared between browser and server, yet remain inaccessible to third parties; and Ensure that data exchanged between browser and server cannot be corrupted - accidentally or deliberately - without detection.

Public key certificates
A key component in the establishment of secure Web sessions via the SSL or S-HTTP protocols is the public key certificate. Without authentic and trustworthy certificates, protocols like SSL and S-HTTP offer no security at all.

The credentials used to authenticate Web servers and their clients via protocols such as SSL and S-HTTP are called X.509 public key certificates. A public key certificate is analogous to a passport, in that it proves your identity and is authorized by a trusted third party known in the security world as a Certification Authority or CA (see below). In the passport analogy, the CA is similar to the Passport Office, which verifies your identification, creates a recognized and trusted document which certifies who you are, and issues the document to you.

CA's and third party trust
A Certification Authority (CA) is a trusted authority responsible for issuing certificates used to identify a community of individuals, systems or other entities which make use of a computer network.

By digitally signing the certificates it issues, the CA binds the identity of the certificate owner to the public key within the certificate, and thereby vouches for the trustworthiness of the certificate. Network users possess the CA's own public key certificate (sometimes referred to as the "root key"), and use it to verify others' certificates. In doing so, they have assurance that the public keys in those certificates are the authentic keys of the named subjects, and know that the CA (whom they recognize and trust) vouches for this binding. The CA plays a crucial role in Web security, since the CA makes a third-party trust relationship possible.

In a large, distributed and complex network such as the Web, the third-party trust model is necessary since there are many permutations of dynamic, client-server relationships. Servers and clients may not have an established mutual trust; yet both parties want to have secure sessions, which demands a foundation of trust. The CA is the missing link which makes trusted Web sessions a reality. Because each party in the session trusts the CA, and because the CA has vouched for each party's identification and trustworthiness by signing their certificates, each party recognizes and has implicit trust in the other, so the secure session can proceed without the risk of masquerading. Further, since the two authenticated parties exchange public key certificates, they can encrypt and digitally sign session data, removing the possibility that others may eavesdrop on the session or tamper with data.

• The information we collect
  In order to provide you with the best shopping experience we can, we collect certain personal information about you. When you register for our weekly email and personalise it to your requirements we will store your email address together with any other information you may provide as part of the personalisation process. When you buy anything via the site, we may need to collect information about you to process the transaction and fulfill your order. This information may include, but is not limited to, details such as your name, your address and your credit card details. When you view our site by linking from another web page we may store the name of that web page for purposes of internal administration.
• What do we do with your personal information?
  sicilytourist.com uses your personal information to provide you with the best online shopping experience and to provide you with a personalised service to give you details of offers which we think will be of interest to you. If you have chosen to receive them, we will also use your information to provide you with our famous weekly email and other email alerts letting you stay up-to-date about relevant offers. We may also use the information to process any transactions you undertake with us and for internal administration and analysis. We disclose your information to third parties only for the purpose of completing your transaction with us, providing the above services to you and for the purposes of associated administration and obtaining professional advice. We do not sell, rent or trade your personal information to third parties for marketing purposes without your express consent. For these purposes, we may send your information internationally, including to countries outside the EEA. Other countries offer differing levels of protection of personal information, not all of which may be as high as the UK.
• Cookies
  Cookies are small files which are sent to your browser and stored on your computer's hard disc. If you have registered with Our Shop , then your computer will store an identifying code in the cookie which means you do not need to type in your email address each time you return to the site. Other than this, we do not store your password or any other information in the cookie, or use it for any other purpose.Our third-party advertiser may place or recognise a unique cookie on your browser.
• Third Party Advertising
  The ads appearing on this Web site are delivered to you, on our behalf, by our Web advertising partner. Information about your visit to this site, such as number of times you have viewed an ad (but not your name, address, or any other personal information), is used to serve ads to you on this site.
• Data Protection
  In the UK we operate and are registered in accordance with applicable data protection legislation.
• Consent
  By disclosing your personal information to us using this website or over the telephone, you consent to the collection, storage and processing of your personal information by SicilyTourist.com in the manner set out in this Privacy Policy.