发明名称 |
A DEFENCE MECHANISM AGAINST COOKIE REPLAY ATTACK IN SINGLE SIGN-ON OF WEB APPLICATION |
摘要 |
A cookie in a web application is simple and widely used by minimizing a load on the server. However, the cookie is vulnerable to a retransmission attack of a method of inputting in a cookie editor by reusing the cookie. The cookie has been widely used even in an SSO capable of authenticating multiple sites by logging in once so that requires supplementation because safety is low. In the present invention, provided is a method of protecting the retransmission attack in the SSO caused by vulnerability of the cookie. A defense technique is configured to use the start and end of a session token which is searched in database and a session retaining time to protect when the retransmission attack of cookie values is performed. |
申请公布号 |
KR20140110118(A) |
申请公布日期 |
2014.09.17 |
申请号 |
KR20130022294 |
申请日期 |
2013.02.28 |
申请人 |
SHON, JIN GON;WON, JONG SUN |
发明人 |
SHON, JIN GON;WON, JONG SUN |
分类号 |
H04L9/32 |
主分类号 |
H04L9/32 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|