Ceebler: An HTTP Proxy for Secure, Fine-Grained Access Control of Cookies
نویسنده
چکیده
Due to the Prevalence of cookies on the Internet, consumers need to understand how cookies can be abused. Due to their essentially uncontrolled nature, cookies pose a security risk because they can contain important data within them. This paper examens how Internet cookies are used and abused, the pervasive nature of cookies, compares the various tools currently available to manage cookies, and proposes an alternative tool called Ceebler (keb lEr). This research was motivated by the prevalence of cookies on the Internet, their potential for abuse, and the need for better cookie management software. We discuss our results from our studies on cookie prevalence, and an assessment of the currently available cookie management software. We then describe the result of two years of research, culminating in the construction and testing of Ceebler.
منابع مشابه
Review of " Achieving Secure , Scalable , and Fine - grained Data Access Control in Cloud Computing
Cloud computing is an emerging computing paradigm in which resources of the computing infrastructure are provided as services over the Internet. As promising as it is, this paradigm also brings forth many new challenges for data security and access control when users outsource sensitive data for sharing on cloud servers, which are not within the same trusted domain as data owners. To keep sensi...
متن کاملIntegrating the Functional Encryption and Proxy Re-cryptography to Secure DRM Scheme
The current Digital Rights Management (DRM) systems use attribute-based encryption (ABE) and proxy re-encryption (PRE) to achieve fine-grained access control in cloud computing. However, these schemes have some limitations particularly in terms of security, functionality and also higher decryption time which grows linearly with the complexity of access policies. In this paper, we propose a nove...
متن کاملWebGroup: A Secure Group Access Control Tool for the World-Wide Web
We present an integrated secure group access control tool to support workgroups on the World-Wide Web. The system enables user authentication, encrypted communication and fine-grained group access control. The tool comprises two proxies: one running on the server side and the other one on the client side. Typically the browser sends a query to the client side proxy which contacts the server sid...
متن کاملType-Based Proxy Re-encryption and Its Construction
Recently, the concept of proxy re-encryption has been shown very useful in a number of applications, especially in enforcing access control policies. In existing proxy re-encryption schemes, the delegatee can decrypt all ciphertexts for the delegator after re-encryption by the proxy. Consequently, in order to implement fine-grained access control policies, the delegator needs to either use mult...
متن کاملChapter 1 RBAC ON THE WEB BY SECURE COOKIES
Current approaches to access control on Web servers do not scale to enterprisewide systems, since they are mostly based on individual users. Therefore, we were motivated by the need to manage and enforce the strong access control technology of RBAC in large-scale Web environments. Cookies can be used to support RBAC on the Web, holding users’ role information. However, it is insecure to store a...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005