Protecting Web Usage of Credit Cards Using One-Time Pad Cookie Encryption

San Diego California December 09-December 13

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/CSAC.2002.1176278

18th Annual Computer Security Applica ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Donghua Xu Articles by Chenghuai Lu Articles by Andre Dos Santos

	ASCII Text	x
	Donghua Xu, Chenghuai Lu, Andre Dos Santos, "Protecting Web Usage of Credit Cards Using One-Time Pad Cookie Encryption," Computer Security Applications Conference, Annual, pp. 51, 18th Annual Computer Security Applications Conference (ACSAC '02), 2002.

	BibTex	x
	@article{ 10.1109/CSAC.2002.1176278, author = {Donghua Xu and Chenghuai Lu and Andre Dos Santos}, title = {Protecting Web Usage of Credit Cards Using One-Time Pad Cookie Encryption}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2002}, issn = {1063-9527}, pages = {51}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2002.1176278}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Protecting Web Usage of Credit Cards Using One-Time Pad Cookie Encryption SN - 1063-9527 SP EP A1 - Donghua Xu, A1 - Chenghuai Lu, A1 - Andre Dos Santos, PY - 2002 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Donghua Xu, Georgia Institute of Technology

Chenghuai Lu, Georgia Institute of Technology

Andre Dos Santos, Georgia Institute of Technology

The blooming e-commerce is demanding better methods to protect online users' privacy, especially the credit card information that is widely used in online shopping. Holding all these data in a central database of the web sites would attract hackers' attacks, impose unnecessary liability on the merchant web sites, and raise the customers' privacy concerns. In this paper we introduce and discuss in details the secure distributed storage of sensitive information using HTTP cookie encryption. We are able to employ One-Time Pads to encrypt the cookies, because encryption and decryption are both done by the server, which is an interesting characteristic overlooked by the existing systems. We implemented this protocol and showed that it is simple, fast and easy to program with.

Citation:

Donghua Xu, Chenghuai Lu, Andre Dos Santos, "Protecting Web Usage of Credit Cards Using One-Time Pad Cookie Encryption," acsac, pp.51, 18th Annual Computer Security Applications Conference (ACSAC '02), 2002

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.