Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Robust defenses for cross-site request forgery
Barth A., Jackson C., Mitchell J.  CCS 2008 (Proceedings of the 15th ACM Conference on Computer and Communications Security, Alexandria, VA, Oct 27-31, 2008)75-88.2008.Type:Proceedings
Date Reviewed: Feb 4 2010

Cross-site attacks are widely used to exploit Web site vulnerability. Barth, Jackson, and Mitchell present in this paper a detailed description of cross-site request forgery (CSRF), a specific kind of cross-site attack. CSRF allows the attacker to forge a valid request to a Web site by redirecting the user. The authors also discuss the existing defenses against CSRF and suggest “modifying browsers to send an origin header with POST requests that identifies the [source] that initiated the request.“

The paper is well written and the references are up to date. The paper should be valuable to professionals in the Internet security area.
Reviewer:  Zheng Gong Review #: CR137694 (1012-1308)
Bookmark and Share
 
Security and Protection (K.6.5 )
 
Would you recommend this review?
yes
no
Other reviews under "Security and Protection": Date
Computers at risk
, National Academy Press, Washington, DC, 1991. Type: Book (9780309043885)		 Oct 1 1991
Computer security basics
Russell D., G. T. S., O’Reilly & Associates, Inc., Sebastopol, CA, 1991. Type: Book (9780937175712)		 Jul 1 1992
Information security handbook
Caelli W., Longley D., Shain M., Stockton Press, New York, NY, 1991. Type: Book (9781561590186)		 Feb 1 1993
more...
E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use | Privacy Policy