Lecture: SSDS - Secure Session Data Storage
Protecting HTTP Session-Data from prying eyes
SSDS is a novel security concept to protect HTTP session-data on the web/application server. It employs encryption to secure the session-data against unauthorized access. The HTTP Session-ID is used as the encryption key for the stored session-data, so that the session-data can only be accessed while HTTP requests are processed (due to the fact that the Session-ID is unknown to the webserver except during the HTTP request). The cryptographic concepts of SSDS are explained. The reference implementation of SSDS for PHP is presented.
Info
Day:
2012-08-26
Start time:
17:45
Duration:
01:00
Room:
HS3
Track:
Security
Language:
english
Files
Feeback
Click here to let us know how you liked this event.
Speakers
 |
Jürgen Pabel |