| Title | Surviving the Web: A Journey into Web Session Security |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Calzavara, Stefano, Focardi, Riccardo, Squarcina, Marco, Tempesta, Mauro |
| Conference Name | Companion Proceedings of the The Web Conference 2018 |
| Publisher | International World Wide Web Conferences Steering Committee |
| ISBN Number | 978-1-4503-5640-4 |
| Keywords | browser security, compositionality, HTTP cookies, Human Behavior, Metrics, pubcrawl, resilience, Resiliency, Web attacks, web defenses, web sessions |
| Abstract | We survey the most common attacks against web sessions, i.e., attacks which target honest web browser users establishing an authenticated session with a trusted web application. We then review existing security solutions which prevent or mitigate the different attacks, by evaluating them along four different axes: protection, usability, compatibility and ease of deployment. Based on this survey, we identify five guidelines that, to different extents, have been taken into account by the designers of the different proposals we reviewed. We believe that these guidelines can be helpful for the development of innovative solutions approaching web security in a more systematic and comprehensive way. |
| DOI | 10.1145/3184558.3186232 |
| Citation Key | calzavara_surviving_2018 |
Surviving the Web: A Journey into Web Session Security