Lecture: SSDS - Secure Session Data Storage

Protecting HTTP Session-Data from prying eyes

SSDS is a novel security concept to protect HTTP session-data on the web/application server. It employs encryption to secure the session-data against unauthorized access. The HTTP Session-ID is used as the encryption key for the stored session-data, so that the session-data can only be accessed while HTTP requests are processed (due to the fact that the Session-ID is unknown to the webserver except during the HTTP request). The cryptographic concepts of SSDS are explained. The reference implementation of SSDS for PHP is presented.

Info

Day: 2012-08-26
Start time: 17:45
Duration: 01:00
Room: HS3
Track: Security
Language: en

Links:

Files

Feedback

Click here to let us know how you liked this event.

Concurrent Events