Sciweavers

Free Online Productivity Tools i2Speak i2Symbol i2OCR iTex2Img iWeb2Print iWeb2Shot i2Type iPdf2Split iPdf2Merge i2Bopomofo i2Arabic i2Style i2Image i2PDF iLatex2Rtf Sci2ools

10

FC
2007
Springer

favoriteEmaildiscussreport

141views Cryptology» more FC 2007»

WSKE: Web Server Key Enabled Cookies

13 years 10 months ago

WSKE: Web Server Key Enabled Cookies

Download www.usablesecurity.org

In this paper, we present the design and prototype of a new approach to cookie management: if a server deposits a cookie only after authenticating itself via the SSL handshake, the browser will return the cookie only to a server that can authenticate itself, via SSL, to the same keypair. This approach can enable usable but secure client authentication. This approach can improve the usability of server authentication by clients. This approach is superior to the prior work on Active Cookies in that it defends against both DNS spooﬁng and IP spooﬁng—and does not require binding a user’s interaction with a server to individual IP addresses.

Chris Masone, Kwang-Hyun Baek, Sean W. Smith

Real-time Traffic

Cookies | FC 2007 | Secure Client Authentication | Server Authentication |

claim paper

Related Content

» Dynamic pharming attacks and locked sameorigin policies for web browsers

» WebGroup A Secure Group Access Control Tool for the WorldWide Web

» Performance Analysis of an Asynchronous Web Server

» Beyond web of trust Enabling P2P Ecommerce

» ModelBased Resource Provisioning in a Web Service Utility

» Grid Resources for Industrial Applications

» iData for the World Wide Web Programming Interconnected Web Forms

» An Automated WSDL Generation and Enhanced SOAP Message Processing System for Mobile Web Se...

» NetworkCentric Buffer Cache Organization

Post Info
More Details (n/a)

Added	07 Jun 2010
Updated	07 Jun 2010
Type	Conference
Year	2007
Where	FC
Authors	Chris Masone, Kwang-Hyun Baek, Sean W. Smith

Comments (0)