In this paper, we present the design and prototype of a new approach to cookie management: if a server deposits a cookie only after authenticating itself via the SSL handshake, the browser will return the cookie only to a server that can authenticate itself, via SSL, to the same keypair. This approach can enable usable but secure client authentication, and it can improve the usability of server authentication by clients. It is superior to the prior work on Active Cookies in that it defends against both DNS spoofing and IP spoofing, and it does not require binding a user's interaction with a server to individual IP addresses.
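The cookie policy described above, as an added sketch that is not the paper's prototype. It assumes the browser identifies a keypair by the SHA-256 hash of the server's public key bytes and also scopes cookies by host name; the class and function names, keys and addresses are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Optional


def key_id(public_key: bytes) -> str:
    """Identify a server keypair by the SHA-256 of its public key (assumption)."""
    return hashlib.sha256(public_key).hexdigest()


@dataclass
class Connection:
    """What the browser knows about one connection (all values constructed)."""
    host: str
    ip: str
    server_key: Optional[bytes]  # None: no SSL handshake, server unauthenticated


@dataclass
class KeyBoundCookieJar:
    # (host, cookie name) -> (value, id of the key the depositing server proved)
    store: dict = field(default_factory=dict)

    def deposit(self, conn: Connection, name: str, value: str) -> bool:
        """Accept a key-bound cookie only from an SSL-authenticated server."""
        if conn.server_key is None:
            return False
        self.store[(conn.host, name)] = (value, key_id(conn.server_key))
        return True

    def cookies_for(self, conn: Connection) -> dict:
        """Return only cookies bound to the key this server just proved."""
        if conn.server_key is None:
            return {}
        current = key_id(conn.server_key)
        return {name: value
                for (host, name), (value, bound) in self.store.items()
                if host == conn.host and bound == current}


# Constructed sample keys and connections.
BANK_KEY, OTHER_KEY = b"constructed-bank-public-key", b"constructed-other-public-key"
jar = KeyBoundCookieJar()
jar.deposit(Connection("bank.example", "192.0.2.10", BANK_KEY), "session", "s3cr3t")

same_key_new_ip = Connection("bank.example", "198.51.100.7", BANK_KEY)  # IP changed
spoofed_dns = Connection("bank.example", "203.0.113.66", OTHER_KEY)     # key differs
plain_http = Connection("bank.example", "192.0.2.10", None)             # no SSL
```

The jar never consults the IP address: the cookie follows the keypair to a new address, while a server that answers for the same host name with a different key, or without SSL, receives nothing.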