Cross-Site Request Forgery (CSRF) is a widely exploited web site vulnerability. In this paper, we present a new variation on CSRF attacks, login CSRF, in which the attacker forges...
: This paper focuses on the different challenges to design a security typed web scripting language. It uses the type system approach on a simple imperative language that captures a...
The JavaScript language is used to enhance the clientside display of web pages. JavaScript code is downloaded into browsers and executed on-the-fly by an embedded interpreter. Br...
Unrestricted information flows are a key security weakness of current web design. Cross-site scripting, cross-site request forgery, and other attacks typically require that inform...
Terri Oda, Glenn Wurster, Paul C. van Oorschot, An...
We developed a new Web authentication protocol with passwordbased mutual authentication which prevents various kinds of phishing attacks. This protocol provides a protection of us...