| Abstract: | Although there are various methods for restricting access to documents stored on a World Wide Web (WWW) site (a Web site), none of the widely used methods is completely suitable for restricting access to Web applications hosted on an otherwise publicly accessible Web site. A new technique, however, provides a mix of features well suited for restricting Web-site or Web-application access to authorized users, including the following: secure user authentication, tamper-resistant sessions, simple access to user state variables by server-side applications, and clean session terminations. This technique, called message-dependent digests with tickets, or MDDT, maintains secure user sessions by passing single-use nonces (tickets) and message-dependent digests of user credentials back and forth between client and server. Appendix 2 provides a working implementation of MDDT with PHP server-side code and JavaScript client-side code. |
| Genre: | USGS Numbered Series |
| ProdID: | 97097 |
| Citation Author: | Donato, David I. |
| Citation Contributing Office: | Eastern Geographic Science Center |
| Citation Datum: | |
| Citation Day: | |
| Citation Edition: | - |
| Citation Editor: | |
| Citation End Page: | |
| Citation Issue: | |
| Citation Keywords: | |
| Citation Language: | ENGLISH |
| Citation Larger Work Title: | Chapter 1 of Book 7, Automated Data Processing and Computations, Section B, Web Applications |
| Citation LatN: | |
| Citation LatS: | |
| Citation LonE: | |
| Citation LonW: | |
| Citation Month: | |
| Citation No Pagination: | |
| Citation Number Of Pages: | |
| Citation Online Only Flag: | Y |
| Citation Phsyical Description: | iv, 53 p. |
| Citation Projection: | |
| Citation Public Comments: | |
| Citation Publisher: | Geological Survey (U.S.) |
| Citation Series: | Techniques and Methods |
| Citation Series Code: | TM |
| Citation Series Number: | 7-B1 |
| Citation Search Results Text: | Secure Web-Site Access with Tickets and Message-Dependent Digests; 2008; TM; 7-B1; Chapter 1 of Book 7, Automated Data Processing and Computations, Section B, Web Applications; Donato, David I. |
| Citation Start Page: | |
| Citation Volume: | |
| Citation Year: | 2008 |
| Type: | citation/reference |
| Text: | Secure Web-Site Access with Tickets and Message-Dependent Digests; 2008; TM; 7-B1; Chapter 1 of Book 7, Automated Data Processing and Computations, Section B, Web Applications; Donato, David I. |
| URL (THUMBNAIL): | http://pubs.er.usgs.gov/thumbnails/usgs_thumb.jpg |
| URL (INDEX PAGE): | http://pubs.usgs.gov/tm/tm7b1/ |
| Date Other: | Thu, 27 Nov 2008 00:00 -0600 |
| Publisher: | Geological Survey (U.S.) |
