Security%20of%20Cookies%20In%20A%20Public%20Computer%20Lab%20Setting - PowerPoint PPT Presentation

About This Presentation
Title:

Security%20of%20Cookies%20In%20A%20Public%20Computer%20Lab%20Setting

Description:

Cookies exist on both major web browsers ... controversy concerning the safety of cookies, it is in the best interest of the ... the web browser and clean ... – PowerPoint PPT presentation

Number of Views:65
Avg rating:3.0/5.0
Slides: 20
Provided by: GE986
Learn more at: http://www.cs.bsu.edu
Category:

less

Transcript and Presenter's Notes

Title: Security%20of%20Cookies%20In%20A%20Public%20Computer%20Lab%20Setting


1
Security of Cookies In A Public Computer Lab
Setting
  • Russell Fech
  • November 30, 2000

2
Outline
  • Introduction of Cookies
  • Problem Statement
  • Motivation/Importance
  • Objective
  • Research Plan
  • Assumptions
  • Conclusion

3
What are cookies?
  • Cookies are a general mechanism which server
    side connections can use to both store and
    retrieve information on the client side of the
    connection. - Netscape
  • Also known as Magic Cookies
  • Cookies can only be read by the website that
    issued them

4
Types of cookies
  • Persistent
  • Stored on hard drive for the long time duration
  • Non-persistent
  • Stored only for the current session of the web
    browser

5
Where are the cookies?
  • Cookies exist on both major web browsers
  • Netscape stores all cookies in the cookies.txt
    file in a Netscape directory
  • Internet Explorer stores individual cookies as
    text files in a cookies directory

6
Why use cookies?
  • Used to keep track of the client session state
  • Allows the Full Web Experience
  • Rotating banners
  • Electronic shopping carts
  • Password saving
  • Data mining
  • Other uses

7
Why use cookies?
  • Web browsers do not keep continuous connections
    to the web sites
  • Cookies send the information to reestablish
    connections
  • Web sites keep information about users to
    customize the Full Web Experience

8
Problem Statement
  • With the emergence of cookies, many users are
    unknowingly releasing data about themselves
  • Win95/98 does not provide security to protect
    users cookies
  • Cookies are not designed to be used in a
    multi-user environment

9
Problem Statement
  • There are methods to eliminate/disallow the use
    of cookies, but this blocks the Full Web
    Experience

10
Motivation/Importance
  • With the controversy concerning the safety of
    cookies, it is in the best interest of the
    administrator to ensure the security of user
    information being transmitted to web sites

11
Motivation/Importance
  • Protect the user from cookie crime
  • Protect the subsequent users from getting
    unwanted advertisement
  • If cookie theft occurs, the administration may be
    held accountable, however, if the cookies are
    cleared off, there will be no such threat

12
Objective
  • Evaluate the use of cookies in public lab
    settings
  • Develop a hands-off approach to protect users
    against the cookies threat by providing a
    transparent layer of protection
  • Provide formidable arguments why users need
    protection from cookies

13
Research Plan
  • Review current methods that attempt to solve the
    cookie security problems
  • Test these methods in a lab setting and review
    their performance
  • Improve on these methods

14
Methods and Problems
  • Disable cookies completely
  • Provides high security because no cookies are
    formed
  • Takes away from the Full Web Experience
  • Clear cookies at startup/shutdown
  • Safer than no protection, but requires a user to
    do something

15
Methods and Problems
  • Intercept the web browser and clean after exiting
  • High security, cleans up cookies when the user
    shuts down the web browser
  • Mischievous user may disable the program in
    some fashion
  • Program may crash

16
Assumptions
  • Use of Win 95/98
  • Win95/98 does not provide any security for files
    or folders
  • Most other operating systems protect users
    because they require users to log into an account
    in which their data is saved in a secured area

17
Resources and Special Needs
  • Public computer lab
  • Computers with Win95/98
  • Various cookie security methods
  • Disabling cookies
  • Batch file deletion of cookies
  • User deleting cookies themselves
  • Cookie Crunching Software
  • Most are free and easily obtainable over the
    internet

18
Conclusion
  • With the threat of mischievous users and the
    possible misuse of cookies, it is up to the
    administration to protect users from as many
    threats as possible.
  • Cookie security continues to be under major
    dispute. If cookies are cleared from computers
    in a lab setting the administration is no longer
    prone to receiving any future threat to cookies.

19
Questions?
  • Questions?
Write a Comment
User Comments (0)
About PowerShow.com