Logo des Repositoriums
 

Towards stateless, client-side driven cross-site request forgery protection for web applications

dc.contributor.authorLekies, Sebastian
dc.contributor.authorTighzert, Walter
dc.contributor.authorJohns, Martin
dc.contributor.editorSuri, Neeraj
dc.contributor.editorWaidner, Michael
dc.date.accessioned2018-11-19T13:11:37Z
dc.date.available2018-11-19T13:11:37Z
dc.date.issued2012
dc.description.abstractCross-site request forgery (CSRF) is one of the dominant threats in the Web application landscape. In this paper, we present a lightweight and stateless protection mechanism that can be added to an existing application without requiring changes to the application's code. The key functionality of the approach, which is based on the double-submit technique, is purely implemented on the client-side. This way full coverage of client-side generation of HTTP requests is provided.en
dc.identifier.isbn978-3-88579-289-5
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/18267
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofSICHERHEIT 2012 – Sicherheit, Schutz und Zuverlässigkeit
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-195
dc.titleTowards stateless, client-side driven cross-site request forgery protection for web applicationsen
dc.typeText/Conference Paper
gi.citation.endPage121
gi.citation.publisherPlaceBonn
gi.citation.startPage111
gi.conference.date7.-9. März 2012
gi.conference.locationDarmstadt
gi.conference.sessiontitleRegular Research Papers

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
111.pdf
Größe:
157.84 KB
Format:
Adobe Portable Document Format