Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security of Cookies In A Public Computer Lab Setting Russell Fech November 30, 2000.

Similar presentations

Presentation on theme: "Security of Cookies In A Public Computer Lab Setting Russell Fech November 30, 2000."— Presentation transcript:

1 Security of Cookies In A Public Computer Lab Setting Russell Fech November 30, 2000

2 Outline Introduction of Cookies Problem Statement Motivation/Importance Objective Research Plan Assumptions Conclusion

3 What are cookies? “Cookies are a general mechanism which server side connections can use to both store and retrieve information on the client side of the connection.” - Netscape Also known as “Magic Cookies” Cookies can only be read by the website that issued them

4 Types of cookies Persistent –Stored on hard drive for the long time duration Non-persistent –Stored only for the current session of the web browser

5 Where are the cookies? Cookies exist on both major web browsers –Netscape stores all cookies in the cookies.txt file in a Netscape directory –Internet Explorer stores individual cookies as text files in a cookies directory

6 Why use cookies? Used to keep track of the client session state –Allows the “Full Web Experience” Rotating banners Electronic shopping carts Password saving Data mining Other uses

7 Why use cookies? Web browsers do not keep continuous connections to the web sites –Cookies send the information to reestablish connections Web sites keep information about users to customize the “Full Web Experience”

8 Problem Statement With the emergence of cookies, many users are unknowingly releasing data about themselves Win95/98 does not provide security to protect users’ cookies Cookies are not designed to be used in a multi-user environment

9 Problem Statement There are methods to eliminate/disallow the use of cookies, but this blocks the “Full Web Experience”

10 Motivation/Importance With the controversy concerning the safety of cookies, it is in the best interest of the administrator to ensure the security of user information being transmitted to web sites

11 Motivation/Importance Protect the user from cookie crime Protect the subsequent users from getting unwanted advertisement If cookie theft occurs, the administration may be held accountable, however, if the cookies are cleared off, there will be no such threat

12 Objective Evaluate the use of cookies in public lab settings Develop a hands-off approach to protect users against the cookies threat by providing a transparent layer of protection Provide formidable arguments why users need protection from cookies

13 Research Plan Review current methods that attempt to solve the cookie security problems Test these methods in a lab setting and review their performance Improve on these methods

14 Methods and Problems Disable cookies completely –Provides high security because no cookies are formed –Takes away from the “Full Web Experience” Clear cookies at startup/shutdown –Safer than no protection, but requires a user to do something

15 Methods and Problems Intercept the web browser and clean after exiting –High security, cleans up cookies when the user shuts down the web browser –Mischievous user may “disable” the program in some fashion –Program may crash

16 Assumptions Use of Win 95/98 –Win95/98 does not provide any security for files or folders –Most other operating systems protect users because they require users to log into an account in which their data is saved in a secured area

17 Resources and Special Needs Public computer lab –Computers with Win95/98 Various cookie security methods –Disabling cookies –Batch file deletion of cookies –User deleting cookies themselves –Cookie Crunching Software –Most are free and easily obtainable over the internet

18 Conclusion With the threat of mischievous users and the possible misuse of cookies, it is up to the administration to protect users from as many threats as possible. Cookie security continues to be under major dispute. If cookies are cleared from computers in a lab setting the administration is no longer prone to receiving any future threat to cookies.

19 Questions?

Download ppt "Security of Cookies In A Public Computer Lab Setting Russell Fech November 30, 2000."

Similar presentations

Ads by Google