Cache cookies for browser authentication
作者: A. Juels , M. Jakobsson , T.N. Jagatic
DOI: 10.1109/SP.2006.8
关键词:
摘要: Like conventional cookies, cache cookies are data objects that servers store in Web browsers. Cache however, unintentional byproducts of protocol design for browser caches. They do not enjoy any explicit interface support or security policies. In this paper, we show despite limitations, can play a useful role the identification and authentication users. Many users today block their browsers as privacy measure. The cache-cookie tools propose help restore lost usability convenience to such while maintaining good privacy. As show, our techniques also combat online threats phishing pharming ordinary cannot. ideas introduce management strengthen well. full version paper may be referenced at www.ravenwhite.com.
ieeecomputersociety.org参考文章(10)
David Molnar, Andrea Soppera, David Wagner, A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags international conference on selected areas in cryptography. pp. 276- 290 ,(2005) , 10.1007/11693383_19
Edward W. Felten, Michael A. Schneider, Timing attacks on Web privacy computer and communications security. pp. 25- 32 ,(2000) , 10.1145/352600.352606
S. W. Smith, D. Safford, Practical server privacy with secure coprocessors Ibm Systems Journal. ,vol. 40, pp. 683- 695 ,(2001) , 10.1147/SJ.403.0683
Cynthia Dwork, Jeffrey Lotspiech, Moni Naor, Digital signets: self-enforcing protection of digital information (preliminary version) symposium on the theory of computing. pp. 489- 498 ,(1996) , 10.1145/237814.237997
Gregory J. Walters, Privacy and security ACM SIGCAS Computers and Society. ,vol. 31, pp. 8- 23 ,(2001) , 10.1145/503345.503347
S. Micali, M. Rabin, S. Vadhan, Verifiable random functions foundations of computer science. pp. 120- 130 ,(1999) , 10.1109/SFFCS.1999.814584
Collin Jackson, Andrew Bortz, Dan Boneh, John C. Mitchell, Protecting browser state from web privacy attacks Proceedings of the 15th international conference on World Wide Web - WWW '06. pp. 737- 744 ,(2006) , 10.1145/1135777.1135884
David Molnar, David Wagner, Privacy and security in library RFID: issues, practices, and architectures computer and communications security. pp. 210- 219 ,(2004) , 10.1145/1030083.1030112
Jan Camenisch, Anna Lysyanskaya, An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation Lecture Notes in Computer Science. pp. 93- 118 ,(2001) , 10.1007/3-540-44987-6_7
Ari Juels, Markus Jakobsson, Phong Q. Nguyen, Proprietary Certificates the cryptographers track at the rsa conference. pp. 164- 181 ,(2002)