Exchanging Database Writes with modern Cryptography

Andreas Happe (Autor:in und Vortragende:r), Thomas Lorünser

Publikation: Beitrag in Buch oder TagungsbandVortrag mit Beitrag in TagungsbandBegutachtung

Abstract

Modern cryptography provides for new ways of
solving old problems. This paper details how Keyed-Hash Message Authentication Codes (HMACs) or Authenticated Encryption with Associated Data (AEAD) can be employed as an
alternative to a traditional server-side temporal session store.
This cryptography-based approach reduces the server-side need
for state. When applied to database-based user-management
systems it removes all database alteration statements needed for
confirmed user sign-up and greatly removes database alteration
statements for typical “forgot password” use-cases. As there is
no temporary data stored within the server database system,
there is no possibility of creating orphaned or abandoned data
records. However, this new approach is not generic and can only
be applied if implemented use-cases fulfill requirements. This
requirements and implications are also detailed within this paper.
Index Terms—Internet, Network security, Web services
OriginalspracheEnglisch
TitelThe First International Conference on Advances in Cyber-Technologies and Cyber-Systems CYBER2016
Seiten50-53
Band1
PublikationsstatusVeröffentlicht - 2016
VeranstaltungThe First International Conference on Advances in Cyber-Technologies and Cyber-Systems 2016: CYBER 2016 - Venice, Venice, Italien
Dauer: 9 Okt. 201613 Okt. 2016

Konferenz

KonferenzThe First International Conference on Advances in Cyber-Technologies and Cyber-Systems 2016
Land/GebietItalien
StadtVenice
Zeitraum9/10/1613/10/16

Research Field

  • Cyber Security

Fingerprint

Untersuchen Sie die Forschungsthemen von „Exchanging Database Writes with modern Cryptography“. Zusammen bilden sie einen einzigartigen Fingerprint.

Diese Publikation zitieren