Abstract
SummaryHypertext transfer protocol (HTTP) cookies are used to store user‐related information sent by a website, and they can be read again later to maintain a link between a user's computer and the website and to remember the user's previous state on the website. In cloud services, cookies are used by service providers to maintain smooth operation for users. As cookies are sent in a public networking environment and saved on users' browsers, two problems are encountered when using cookies: (a) how to protect sensitive information on a cookie from disclosure and (b) how to determine whether cookies have been modified maliciously. Several studies have been conducted on web security to assess problems that occur when cookies are injected and hijacked. In the present study, a secure and efficient cookie protection scheme is proposed. The scheme is designed with the following principles: (a) a key is hidden within a cookie, (b) the integrity of the cookie is verified by both the web server and the web browser, and (c) the key and sensitive information in the cookie can only be read by the website. The proposed method was analyzed for its security and efficiency. Moreover, the methods from related studies and the proposed method were compared. The results revealed that the proposed cookie scheme is effective at improving cookie security.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
