Lecture: SSDS - Secure Session Data Storage
Protecting HTTP Session-Data from prying eyes
SSDS is a novel security concept to protect HTTP session-data on the web/application server. It employs encryption to secure the session-data against unauthorized access. The HTTP Session-ID is used as the encryption key for the stored session-data, so that the session-data can only be accessed while HTTP requests are processed (due to the fact that the Session-ID is unknown to the webserver except during the HTTP request). The cryptographic concepts of SSDS are explained. The reference implementation of SSDS for PHP is presented.
Start time: 17:45
Click here to let us know how you liked this event.