ISW Security Papers Contest
 
Cookie Security by Arvind Doraiswamy on 14/05/06

Today most websites and web based applications use cookies. Cookies are primarily used by the web server to track an authenticated user or other user specific details. This article introduces the various threats associated with cookies and the options for their secure usage.

Introducing Cookie Managers

The web browser can either store the cookies in its memory or the hard disk depending on whether the cookie is persistent or non persistent. Persistent cookies remain stored on the hard drive even after a user has logged out of the application. Non Persistent Cookies get created and stored temporarily in the memory and is destroyed at the end of the user’s session. The persistent cookies are generally stored in a file. This file is present in the browser’s profile directory incase a Netscape or Mozilla is used “C:\Documents and Settings\arvind\Application Data\Mozilla\Profiles” and for Internet Explorer it is present in “C:\Documents and Settings\(profile name)\Cookies” folder as shown in Figure 1.1.

This document is in PDF format. To view it click here.

Rate this article

All images, content & text (unless other ownership applies) are © copyrighted 2000 -  , Infosecwriters.com. All rights reserved. Comments are property of the respective posters.