Title :
Cache cookies for browser authentication
Author :
Juels, Ari ; Jakobsson, Markus ; Jagatic, Tom N.
Abstract :
Like conventional cookies, cache cookies are data objects that servers store in Web browsers. Cache cookies, however, are unintentional byproducts of protocol design for browser caches. They do not enjoy any explicit interface support or security policies. In this paper, we show that despite limitations, cache cookies can play a useful role in the identification and authentication of users. Many users today block conventional cookies in their browsers as a privacy measure. The cache-cookie tools we propose can help restore lost usability and convenience to such users while maintaining good privacy. As we show, our techniques can also help combat online security threats such as phishing and pharming that ordinary cookies cannot. The ideas we introduce for cache-cookie management can strengthen ordinary cookies as well. The full version of this paper may be referenced at www.ravenwhite.com
Keywords :
cache storage; computer viruses; data privacy; online front-ends; Web browsers; browser authentication; browser caches; cache cookies; cache-cookie management; cache-cookie tools; data objects; data privacy; malware; online security threats; pharming; phishing; user authentication; user identification; Authentication; Data security; Displays; Image restoration; Laboratories; Privacy; Protocols; Usability; Web pages; Web server; Web browser; cache cookies; malware; personalization; pharming; phishing; privacy;
Conference_Titel :
Security and Privacy, 2006 IEEE Symposium on
Conference_Location :
Berkeley/Oakland, CA
Print_ISBN :
0-7695-2574-1
