Read these two papers.
[1] <http://cookies.lcs.mit.edu/pubs/webauth:tr.pdf>
[2] <http://www.cse.msu.edu/~alexliu/publications/Cookie/cookie.pdf>
On Dec 4, 2007 7:32 AM, Till Elsner <till.elsner@uni-duesseldorf.de> wrote:
Hi, i'm investigating in web application security this time and i'm
trying to find some information about session management with cookies
and related security issues. Can anyone point me to tips on how to
make cookie based sessions more secure and how to prevent session
hijacking? How secure is session handling using cookies and what are
the main risks? Is anyone aware of good literature on that topic?
Thanks and have a nice day
Till
-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web
application security assessments should be considered a crucial phase in the
development of any web application. What methodology should be followed? What
tools can accelerate the assessment process? Download this Whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web
application security assessments should be considered a crucial phase in the
development of any web application. What methodology should be followed? What
tools can accelerate the assessment process? Download this Whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
