Secure Web-Site Access with Tickets and Message-Dependent Digests

Techniques and Methods 7-B1



Although there are various methods for restricting access to documents stored on a World Wide Web (WWW) site (a Web site), none of the widely used methods is completely suitable for restricting access to Web applications hosted on an otherwise publicly accessible Web site. A new technique, however, provides a mix of features well suited for restricting Web-site or Web-application access to authorized users, including the following: secure user authentication, tamper-resistant sessions, simple access to user state variables by server-side applications, and clean session terminations. This technique, called message-dependent digests with tickets, or MDDT, maintains secure user sessions by passing single-use nonces (tickets) and message-dependent digests of user credentials back and forth between client and server. Appendix 2 provides a working implementation of MDDT with PHP server-side code and JavaScript client-side code.

Additional publication details

Publication type: Report
Publication subtype: USGS Numbered Series
Title: Secure Web-Site Access with Tickets and Message-Dependent Digests
Series title: Techniques and Methods
Series number: 7-B1
DOI: 10.3133/tm7B1
Edition: -
Year published: 2008
Language: English
Publisher: Geological Survey (U.S.)
Contributing office(s): Eastern Geographic Science Center
Description: iv, 53 p.
Larger work type: Report
Larger work subtype: USGS Numbered Series
Larger work title: Chapter 1 of Book 7, Automated Data Processing and Computations, Section B, Web Applications
Online only (Y/N): Y