<div class="csl-bib-body">
<div class="csl-entry">Calzavara, S., Focardi, R., Squarcina, M., & Tempesta, M. (2017). Surviving the Web: A Journey into Web Session Security. <i>ACM Computing Surveys</i>, <i>50</i>(1), 1–34. https://doi.org/10.1145/3038923</div>
</div>
-
dc.identifier.issn
0360-0300
-
dc.identifier.uri
http://hdl.handle.net/20.500.12708/148035
-
dc.description.abstract
In this article, we survey the most common attacks against web sessions, that is, attacks that target honest web browser users establishing an authenticated session with a trusted web application. We then review existing security solutions that prevent or mitigate the different attacks by evaluating them along four different axes: protection, usability, compatibility, and ease of deployment. We also assess several defensive solutions that aim at providing robust safeguards against multiple attacks. Based on this survey, we identify five guidelines that, to different extents, have been taken into account by the designers of the different proposals we reviewed. We believe that these guidelines can be helpful for the development of innovative solutions approaching web security in a more systematic and comprehensive way.
en
dc.publisher
ASSOC COMPUTING MACHINERY
-
dc.relation.ispartof
ACM Computing Surveys
-
dc.subject
Theoretical Computer Science
-
dc.subject
General Computer Science
-
dc.subject
Web sessions
-
dc.subject
HTTP cookies
-
dc.subject
web attacks
-
dc.subject
web defenses
-
dc.title
Surviving the Web: A Journey into Web Session Security