Abstract
The HTTP does not support continuity for browser-server interaction between successive visits of a user due to a stateless feature. Cookies were invented to maintain continuity and state on the Web. Because cookies are transmitted in plain and contain text-character strings encoding relevant information about the user, the attacker can easily copy and modify them for his undue profit. In this paper, we design a secure cookies scheme based on public key certificate for solving these security weakness of typical web cookies. Our secure cookies scheme provides not only mutual authentication between client and server but also confidentiality and integrity of user information. Additionally, we implement our secure cookies scheme and compare it to the performance with SSL(Secure Socket Layer) protocol that is widely used for security of HTTP environment.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Joon S. Park and Ravi Sandhu, “Secure Cookies on the Web” IEEE Internet Computing, Volume: 4 Issue: 4, July-Aug. 2000
Scott Oaks, “Java Security, 2nd Edition”, O’Reilly. 2001
V. Khu-smith and C. J. Mitchell, “Enhancing the security of cookies”, in: K. Kim (ed.), Information Security and Cryptology-ICISC 2001-Proceedings of the 4th International Conference, Seoul, Korea, December 2001, Springer-Verlag (LNCS 2288), Berlin (2002), pp.132–145
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yang, JP., Rhee, KH. (2002). The Design and Implementation of Improved Secure Cookies Based on Certificate. In: Menezes, A., Sarkar, P. (eds) Progress in Cryptology — INDOCRYPT 2002. INDOCRYPT 2002. Lecture Notes in Computer Science, vol 2551. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36231-2_25
Download citation
DOI: https://doi.org/10.1007/3-540-36231-2_25
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00263-5
Online ISBN: 978-3-540-36231-9
eBook Packages: Springer Book Archive