Chapter 29

Improving Security in Web Sessions

Special Management of Cookies

Nicolás Macia and Fernando G. Tinetti,    The National University of La Plata, La Plata, BA, Argentina

The current mechanism implemented for Web session management implies exchanging session cookies between a Web application client (usually a browser) and a Web application server. Besides having privacy issues, the security of Web sessions can be affected by various reasons related to cookies. There are several vulnerabilities that threaten a Web application specifically related to cookies: theft, tampering, and/or forgery. Any of these vulnerabilities may favor session theft and/or unauthorized access using the identity of another user in the system. In this chapter, we ...

Get Emerging Trends in ICT Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.