Security of Cookies In A Public Computer Lab Setting Russell Fech November 30, 2000.

Slides:

Advertisements

Similar presentations

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Advertisements

4.01 How Web Pages Work.

Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,

Introducing K12Planet.com What is K12Planet.com? Who can access it? Is it secure? What do I need to use it? Can I control the information I see?

Basics. 2 Class Outline Part 1 - Introduction –Explaining –Parts of an address –Types of services –Acquiring an account.

CC3.12 Lecture 12 Erdal KOSE Based of Prof. Ziegler Lectures.

6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?

Design Aspects. User Type the URL address on the cell phone or web browser Not required to login.

Chapter 10 Managing State Information PHP Programming with MySQL.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

Topics in this presentation: The Web and how it works Difference between Web pages and web sites Web browsers and Web servers HTML purpose and structure.

Chapter 10 Maintaining State Information Using Cookies.

Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.

Web Browsers It is an application software that is used to display and interact with text, images and other information located on web pages at web sites.

11 CONFIGURE INTERNET EXPLORER Chapter 5. Chapter 5: Configure Internet Explorer2 CHAPTER OVERVIEW AND OBJECTIVES  Configuring Accessibility and Language.

THE WONDERFUL HISTORY OF COMPUTERS FROM THE BEGINNING HARDWARE, SOFTWARE,SAFTEY, AND COMPUTER ETHICS.

Privacy and Encryption The threat of privacy due to the sale of sensitive personal information on the internet Definition of anonymity and how it is abused.

 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.

Jared Cinque Section 6.  Internet tracking is the process of following internet activity backwards from recipient to user through a special type of software.

11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 48 How Internet Sites Can Invade Your Privacy.

Using Group Policy to Manage User Environments. Overview Introduction to Managing User Environments Introduction to Administrative Templates Assigning.

Cookies Set a cookie – setcookie() Extract data from a cookie - $_COOKIE Augment user authentication script with a cookie.

Adapted from Computer Concepts, New Perspectives, Thompson Course Technology EDW 647: The Internet Dr. Roger Webster & Dr. Nazli Mollah 24 Cookies: What.

INTERNET PRIVACY Marketing companies The cookie leak security hole in the HTML messages The Web Bug Can we trust the privacy.

JavaScript, Fourth Edition

Network Operating Systems versus Operating Systems Computer Networks.

11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 UNDERSTANDING USER ACCOUNTS  Local user accounts  stored in the Security.

Chapter 8 Safeguarding the Internet. Firewalls Firewalls: hardware & software that are built using routers, servers and other software A point between.

Basics. 2 Professional Development Centre Class Outline Part 1 - Introduction –Explaining –Parts of an address –Types of services.

Chapter 13 Understanding E-Security. 2 OBJECTIVES What are security concerns (examples)? What are two types of threats (client/server) Virus – Computer.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

Chapter 8 Cookies And Security JavaScript, Third Edition.

XP New Perspectives on The Internet, Sixth Edition— Comprehensive Tutorial 5 1 Downloading and Storing Data Using FTP and Other Services to Transfer and.

COOKIES. INTERNET COOKIES What are they Where are they found What should you do about them.

The DoubleClick controversy and other related issues pertaining to privacy on the Internet.

Chapter 18 Technology in the Workplace Section 18.2 Internet Basics.

Protecting Students on the School Computer Network Enfield High School.

Chapter 7: E-Commerce Security and Payment system

The Teacher Is In Charge There are dozens of free services, but Gaggle.Net is the only service designed specifically for classroom use. The biggest.

Cookies Web Browser and Server use HTTP protocol to communicate and HTTP is a stateless protocol. But for a commercial website it is required to maintain.

Section 12.1 Discuss the functions of a Web site Create a feedback form Compare and contrast option buttons and check boxes Section 12.2 Explain the use.

11 1 Cookies CGI/Perl Programming By Diane Zak Objectives In this chapter, you will: Learn the difference between temporary and persistent cookies.

SEC835 Runtime authentication Secure session management Secure use of cryptomaterials.

Session and Cookie Management in.Net Sandeep Kiran Shiva UIN:

PHP Programming with MySQL Slide 10-1 CHAPTER 10 Managing State Information.

U.S. Department of Commerce Web Advisory Group Minding Your Own Business The Platform for Privacy Preferences Project.

COOKIES and SESSIONS. COOKIES A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user's computer. Each.

Internet Safety Internet Safety LPM

CP476 Internet Computing CGI1 Cookie –Cookie is a mechanism for a web server recall info of accessing of a client browser –A cookie is an object sent by.

PHP Cookies. Cookies are small files that are stored in the visitor's browser. Cookies can be used to identify return visitors, keep a user logged into.

ECMM6018 Enterprise Networking for Electronic Commerce Tutorial 7

Anika Massey.  There are three main types of business:  Traditional  Online  Transportation.

Computer-made Cookies Presented by Helal Lutfi. What is a Computer Cookie?  A small text file which contains a unique ID tag.  Placed on your computer.

1 Law, Ethical Impacts, and Internet Security. 2 Legal Issues vs. Ethical Issues Ethics — the branch of philosophy that deals with what is considered.

Cookies and Sessions in PHP. Arguments for the setcookie() Function There are several arguments you can use i.e. setcookie(‘name’, ‘value’, expiration,

COOKIES Gloria Soria Network Security COSC 356. What is a Cookie? A cookie is a piece of text that a Web Server can store on a user's hard disk. Cookies.

Top Ten Ways to Protect Privacy Online -Abdul M. Look for privacy policies on Web Sites  Web sites can collect a lot of information about your visit.

Some from Chapter 11.9 – “Web” 4 th edition and SY306 Web and Databases for Cyber Operations Cookies and.

Intro to Digital Technology Review for Final Introduction to Digital Technology Finals Seniors Monday, 5/16 – 2 nd Tuesday 5/17 – 1 st,3 rd Underclassmen.

Internet and security.

Cookies and Sessions in PHP

What is Cookie? Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve.

Web Privacy Chapter 6 – pp 125 – /12/9 Y K Choi.

IA for Shopping & Shopping Baskets

Presentation transcript:

Security of Cookies In A Public Computer Lab Setting Russell Fech November 30, 2000

Outline Introduction of Cookies Problem Statement Motivation/Importance Objective Research Plan Assumptions Conclusion

What are cookies? “Cookies are a general mechanism which server side connections can use to both store and retrieve information on the client side of the connection.” - Netscape Also known as “Magic Cookies” Cookies can only be read by the website that issued them

Types of cookies Persistent –Stored on hard drive for the long time duration Non-persistent –Stored only for the current session of the web browser

Where are the cookies? Cookies exist on both major web browsers –Netscape stores all cookies in the cookies.txt file in a Netscape directory –Internet Explorer stores individual cookies as text files in a cookies directory

Why use cookies? Used to keep track of the client session state –Allows the “Full Web Experience” Rotating banners Electronic shopping carts Password saving Data mining Other uses

Why use cookies? Web browsers do not keep continuous connections to the web sites –Cookies send the information to reestablish connections Web sites keep information about users to customize the “Full Web Experience”

Problem Statement With the emergence of cookies, many users are unknowingly releasing data about themselves Win95/98 does not provide security to protect users’ cookies Cookies are not designed to be used in a multi-user environment

Problem Statement There are methods to eliminate/disallow the use of cookies, but this blocks the “Full Web Experience”

Motivation/Importance With the controversy concerning the safety of cookies, it is in the best interest of the administrator to ensure the security of user information being transmitted to web sites

Motivation/Importance Protect the user from cookie crime Protect the subsequent users from getting unwanted advertisement If cookie theft occurs, the administration may be held accountable, however, if the cookies are cleared off, there will be no such threat

Objective Evaluate the use of cookies in public lab settings Develop a hands-off approach to protect users against the cookies threat by providing a transparent layer of protection Provide formidable arguments why users need protection from cookies

Research Plan Review current methods that attempt to solve the cookie security problems Test these methods in a lab setting and review their performance Improve on these methods

Methods and Problems Disable cookies completely –Provides high security because no cookies are formed –Takes away from the “Full Web Experience” Clear cookies at startup/shutdown –Safer than no protection, but requires a user to do something

Methods and Problems Intercept the web browser and clean after exiting –High security, cleans up cookies when the user shuts down the web browser –Mischievous user may “disable” the program in some fashion –Program may crash

Assumptions Use of Win 95/98 –Win95/98 does not provide any security for files or folders –Most other operating systems protect users because they require users to log into an account in which their data is saved in a secured area

Resources and Special Needs Public computer lab –Computers with Win95/98 Various cookie security methods –Disabling cookies –Batch file deletion of cookies –User deleting cookies themselves –Cookie Crunching Software –Most are free and easily obtainable over the internet

Conclusion With the threat of mischievous users and the possible misuse of cookies, it is up to the administration to protect users from as many threats as possible. Cookie security continues to be under major dispute. If cookies are cleared from computers in a lab setting the administration is no longer prone to receiving any future threat to cookies.

Questions?