Cookie security protection method and server based on encryption technology

A security protection and server technology, applied in the field of information security, can solve problems such as low server security and cookie acquisition, and achieve the effect of avoiding being leaked and improving security

Active Publication Date: 2021-05-25
SICHUAN CHANGHONG ELECTRIC CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to solve the problem that cookies in the existing network transmission are easily obtained by website attackers, and the security of the server is not high due to injection attacks through cookies, and propose a cookie security protection method based on encryption technology and server

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cookie security protection method and server based on encryption technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0036] The Cookie security protection method based on encryption technology described in the embodiment of the present invention, such as figure 1 shown, including the following steps:

[0037] S01. Before the server sends the response packet containing the Cookie to the browser, encrypt the key value of the Set-Cookie function that sends the Cookie to obtain encrypted ciphertext, and rewrite the Set-Cookie according to the encrypted ciphertext function;

[0038]Among them, the response data packet is the data packet returned by the server to the browser when the user accesses the server resources through the browser, and the cookie is a small piece of text information in the response data packet, and the response data returned by the server to the browser can be accessed according to the access request. Different, Cookie can be one or more.

[0039] S02. Send a response data packet containing Cookie to the browser, and the Cookie is defined by the rewritten Set-Cookie funct...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention relates to the field of information security. The present invention aims to solve the problem that cookies in the existing network transmission are easily obtained by website attackers, and the security of servers is not high due to injection attacks initiated through cookies. The protection method and server, the method mainly includes the following steps: by encrypting and rewriting the key value of the Set-Cookie function, and then sending the Cookie defined by the rewritten Set-Cookie function to the browser, when the server receives the After the request packet of the Cookie, the key value of the Set-Cookie function used by the Cookie is successfully decrypted and then the information in the Cookie is read to prevent website attackers from stealing the Cookie, avoid user information leakage, prevent injection attacks, and improve User information and server security, applicable to Web servers.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to a cookie security protection method and server. Background technique [0002] The cookie is generated by the server and sent to the User-Agent (usually the browser). The browser will save the key / value of the cookie to a text file in a certain directory, and send the cookie to the next time the same website is requested. server (provided your browser is set to enable cookies). The cookie name and value can be defined by the server-side development itself. For JSP, jsessionid can also be written directly, so that the server can know whether the user is a legitimate user and whether it needs to log in again. The server can set or read the information contained in the cookie , thereby maintaining state in the user's session with the server. [0003] Cookies are often used to save key information such as user IDs, credentials, and status. However, at present, t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L9/06
CPCH04L9/0631H04L9/0643H04L63/0435
Inventor 付强
Owner SICHUAN CHANGHONG ELECTRIC CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap