Read these two papers.
[1] <http://cookies.lcs.mit.edu/pubs/webauth:tr.pdf>
[2] <http://www.cse.msu.edu/~alexliu/publications/Cookie/cookie.pdf>
On Dec 4, 2007 7:32 AM, Till Elsner <till.elsner_at_uni-duesseldorf.de> wrote:
> Hi, i'm investigating in web application security this time and i'm
> trying to find some information about session management with cookies
> and related security issues. Can anyone point me to tips on how to
> make cookie based sessions more secure and how to prevent session
> hijacking? How secure is session handling using cookies and what are
> the main risks? Is anyone aware of good literature on that topic?
> Thanks and have a nice day
> Till
>
> -------------------------------------------------------------------------
> Sponsored by: Watchfire
> Methodologies & Tools for Web Application Security Assessment
> With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!
>
> https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
> -------------------------------------------------------------------------
>
>
-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Received on Dec 05 2007
Intro
