Matches in ScholarlyData for { <https://w3id.org/scholarlydata/inproceedings/www2008/paper/828> ?p ?o. }
Showing items 1 to 13 of
13
with 100 items per page.
- 828 creator ben-adida.
- 828 type InProceedings.
- 828 label "SessionLock: Securing Web Sessions against Eavesdropping".
- 828 sameAs 828.
- 828 abstract "Typical web sessions can be hijacked easily by a network eavesdropper in attacks that have come to be designated ``sidejacking.'' The rise of ubiquitous wireless networks, often unprotected at the transport layer, has significantly aggravated this problem. While SSL can protect against eavesdropping, its usability disadvantages often make it unsuitable when the data is not considered highly confidential. Most web-based email services, for example, use SSL only on their login page and are thus vulnerable to sidejacking. We propose SessionLock, a simple approach to securing web sessions against eavesdropping without extending the use of SSL. SessionLock is easily implemented by web developers using only JavaScript and simple server-side logic. Its performance impact is negligible, and all major web browsers are supported. Interestingly, it is particularly easy to implement on single-page AJAX web applications, e.g. Gmail or Yahoo mail: they could deploy it with only 200 lines of JavaScript and 50 lines of server-side verification code.".
- 828 hasAuthorList authorList.
- 828 hasTopic World_Wide_Web.
- 828 isPartOf proceedings.
- 828 keyword "eavesdropping".
- 828 keyword "sidejacking".
- 828 keyword "web security".
- 828 keyword "web sessions".
- 828 title "SessionLock: Securing Web Sessions against Eavesdropping".