Re: Session security with cookies

["Eduardo Tongson" <propolice () gmail com>]

Read these two papers.

[1] <http://cookies.lcs.mit.edu/pubs/webauth:tr.pdf>
[2] <http://www.cse.msu.edu/~alexliu/publications/Cookie/cookie.pdf>

On Dec 4, 2007 7:32 AM, Till Elsner <till.elsner () uni-duesseldorf de> wrote:
> Hi, i'm investigating in web application security this time and i'm
> trying to find some information about session management with cookies
> and related security issues. Can anyone point me to tips on how to
> make cookie based sessions more secure and how to prevent session
> hijacking? How secure is session handling using cookies and what are
> the main risks? Is anyone aware of good literature on that topic?
> Thanks and have a nice day
> Till
>
> -------------------------------------------------------------------------
> Sponsored by: Watchfire
> Methodologies & Tools for Web Application Security Assessment
> With the rapid rise in the number and types of security threats, web application security assessments should be 
> considered a crucial phase in the development of any web application. What methodology should be followed? What tools 
> can accelerate the assessment process? Download this Whitepaper today!
>
> https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
> -------------------------------------------------------------------------

-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web application security assessments should be 
considered a crucial phase in the development of any web application. What methodology should be followed? What tools 
can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------