Client controlled security for web applications

L
LCN
2005
The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l
Abstract - Client controlled security for web applications

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Marko Hassinen Articles by Petteri Mussalo

The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l

Sydney, Australia

November 15-November 17

ISBN: 0-7695-2421-4

	ASCII Text	x
	Marko Hassinen, Petteri Mussalo, "Client controlled security for web applications," Local Computer Networks, Annual IEEE Conference on, pp. 810-816, The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l, 2005.

	BibTex	x
	@article{ 10.1109/LCN.2005.38, author = {Marko Hassinen and Petteri Mussalo}, title = {Client controlled security for web applications}, journal ={Local Computer Networks, Annual IEEE Conference on}, volume = {0}, year = {2005}, issn = {0742-1303}, pages = {810-816}, doi = {http://doi.ieeecomputersociety.org/10.1109/LCN.2005.38}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Local Computer Networks, Annual IEEE Conference on TI - Client controlled security for web applications SN - 0742-1303 SP810 EP816 A1 - Marko Hassinen, A1 - Petteri Mussalo, PY - 2005 KW - null VL - 0 JA - Local Computer Networks, Annual IEEE Conference on ER -

Marko Hassinen, University of Kuopio, Finland

Petteri Mussalo, University of Kuopio, Finland

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/LCN.2005.38

The main contribution of this paper is an encryption system for web applications, where the encryption is done on the client side. By a web application we mean an application that uses a web browser as a user interface and the content is in HTML or equivalent.

In our application the client creates and stores an encryption key. The data is always encrypted when in transit through the transport media, and cannot be decrypted on the server without an explicit consent of the client. Even a malicious server software cannot be used to disclose the confidential data. Furthermore, the client will detect any attempt to tamper with the encrypted data.

We show how to create a web application that uses client side encryption and key generation. Our approach delivers confidentiality, integrity, and user trust. Furthermore it doesn?t require any additional hardware or any software installations on the client side.

Citation:

Marko Hassinen, Petteri Mussalo, "Client controlled security for web applications," lcn, pp.810-816, The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l, 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.