Cache Cookies for Browser Authentication (Extended Abstract)

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Ari Juels Articles by Markus Jakobsson Articles by Tom N. Jagatic

2006 IEEE Symposium on Security and Privacy (S&P'06)

Berkeley/Oakland, California

May 21-May 24

ISBN: 0-7695-2574-1

	ASCII Text	x
	Ari Juels, Markus Jakobsson, Tom N. Jagatic, "Cache Cookies for Browser Authentication (Extended Abstract)," Security and Privacy, IEEE Symposium on, pp. 301-305, 2006 IEEE Symposium on Security and Privacy (S&P'06), 2006.

	BibTex	x
	@article{ 10.1109/SP.2006.8, author = {Ari Juels and Markus Jakobsson and Tom N. Jagatic}, title = {Cache Cookies for Browser Authentication (Extended Abstract)}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {2006}, issn = {1081-6011}, pages = {301-305}, doi = {http://doi.ieeecomputersociety.org/10.1109/SP.2006.8}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - Cache Cookies for Browser Authentication (Extended Abstract) SN - 1081-6011 SP301 EP305 A1 - Ari Juels, A1 - Markus Jakobsson, A1 - Tom N. Jagatic, PY - 2006 KW - cache cookies KW - personalization KW - malware KW - pharming KW - phishing KW - privacy KW - Web browser VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

Ari Juels, RSA Laboratories and RavenWhite Inc.

Markus Jakobsson, Indiana University and RavenWhite Inc.

Tom N. Jagatic, Indiana University

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SP.2006.8

Like conventional cookies, cache cookies are data objects that servers store in Web browsers. Cache cookies, however, are unintentional byproducts of protocol design for browser caches. They do not enjoy any explicit interface support or security policies.

In this paper, we show that despite limitations, cache cookies can play a useful role in the identification and authentication of users. Many users today block conventional cookies in their browsers as a privacy measure. The cache-cookie tools we propose can help restore lost usability and convenience to such users while maintaining good privacy. As we show, our techniques can also help combat online security threats such as phishing and pharming that ordinary cookies cannot. The ideas we introduce for cache-cookie management can strengthen ordinary cookies as well.

The full version of this paper may be referenced at www.ravenwhite.com.

Index Terms:

cache cookies, personalization, malware, pharming, phishing, privacy, Web browser

Citation:

Ari Juels, Markus Jakobsson, Tom N. Jagatic, "Cache Cookies for Browser Authentication (Extended Abstract)," sp, pp.301-305, 2006 IEEE Symposium on Security and Privacy (S&P'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.