Home
Latest images
Search
Register
Log inA Secure Cookie Protocol
Page 1 of 1
A Secure Cookie Protocol
andry Thu Dec 30, 2010 5:09 am
Abstract
Cookies are the primary means for web applications to authenticate HTTP requests and to maintain client states.Many web applications (such as electronic commerce)demand a secure cookie protocol.Such a protocol needs to provide the following four services: authentication,confidentiality, integrity and anti-replay.Several secure cookie protocols have been proposed in previous literature; however,none of them are completely satisfactory.In this paper,we propose a secure cookie protocol that is effective,efficient,and easy to deploy.In terms of effectiveness,our protocol provides all of the above four security services.In terms of efficiency, our protocol does not involve any database lookup or public key cryptography. In terms of deploy-ability,our protocol can be easily deployed on an existing web server,and it does not require any change to the Internet cookie specification.We implemented our secure cookie protocol using PHP,and the experimental results show that our protocol is very efficient.
Download PDF
Cookies are the primary means for web applications to authenticate HTTP requests and to maintain client states.Many web applications (such as electronic commerce)demand a secure cookie protocol.Such a protocol needs to provide the following four services: authentication,confidentiality, integrity and anti-replay.Several secure cookie protocols have been proposed in previous literature; however,none of them are completely satisfactory.In this paper,we propose a secure cookie protocol that is effective,efficient,and easy to deploy.In terms of effectiveness,our protocol provides all of the above four security services.In terms of efficiency, our protocol does not involve any database lookup or public key cryptography. In terms of deploy-ability,our protocol can be easily deployed on an existing web server,and it does not require any change to the Internet cookie specification.We implemented our secure cookie protocol using PHP,and the experimental results show that our protocol is very efficient.
Download PDF
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics» Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. Exploit
» (IN)SECURE Magazine 27 released
» Internet Protocol explained
» Cross-protocol XSS with non-standard service ports
» Safari Integer Overflow Aids Inter Protocol Exploitation
» (IN)SECURE Magazine 27 released
» Internet Protocol explained
» Cross-protocol XSS with non-standard service ports
» Safari Integer Overflow Aids Inter Protocol Exploitation
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum|
|
|