Now showing items 1-4 of 4
Half-Baked Cookies: Client Authentication on the Modern Web
(Georgia Institute of Technology, 2014)
Modern websites set multiple authentication cookies during the login process to allow users to remain authenticated over the duration of a web session. Web applications use cookie-based authentication to provide different ...
One-Time Cookies: Preventing Session Hijacking Attacks with Disposable Credentials
(Georgia Institute of Technology, 2011)
One-Time Cookies: Preventing Session Hijacking Attacks with Stateless Authentication Tokens
(Georgia Institute of Technology, 2012-02)
HTTP cookies are the de facto mechanism for session authentication in web applications. However, their inherent security weaknesses allow attacks against the integrity of web sessions. HTTPS is often recommended to protect ...
I Own, I Provide, I Decide: Generalized User-Centric Access Control Framework for Web Applications
(Georgia Institute of Technology, 2010)
With the rapid growth of Web 2.0 technologies, users are contributing more and more content on the Internet, in the form of user profiles, blogs, reviews, etc. With this increased sharing comes a pressing need for access ...