{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,26]],"date-time":"2025-09-26T04:58:07Z","timestamp":1758862687249},"publisher-location":"Berlin, Heidelberg","reference-count":22,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540281382"},{"type":"electronic","value":"9783540319375"}],"license":[{"start":{"date-parts":[[2005,1,1]],"date-time":"2005-01-01T00:00:00Z","timestamp":1104537600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005]]},"DOI":"10.1007\/11535706_23","type":"book-chapter","created":{"date-parts":[[2010,7,25]],"date-time":"2010-07-25T14:03:17Z","timestamp":1280066597000},"page":"310-324","source":"Crossref","is-referenced-by-count":2,"title":["Trusted Identity and Session Management Using Secure Cookies"],"prefix":"10.1007","author":[{"given":"Joon S.","family":"Park","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Harish S.","family":"Krishnan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"23_CR1","unstructured":"American Association of Motor Vehicle Administrators (AAMVA). Identification Security, http:\/\/www.aamva.org\/IDSecurity\/"},{"issue":"4","key":"23_CR2","doi-asserted-by":"publisher","first-page":"6","DOI":"10.1108\/09593849410076799","volume":"7","author":"R. Clarke","year":"1994","unstructured":"Clarke, R.: Human Identification in Information Systems: Management Challenges and Public Policy Issues. Information Technology and People\u00a07(4), 6\u201337 (1994)","journal-title":"Information Technology and People"},{"key":"23_CR3","unstructured":"Sullivan, E.: Are Web-based cookies a treat or a recipe for trouble?, June 26. PC Week (1996)"},{"key":"23_CR4","unstructured":"Greenwood, D., Combs, D., et al.: Identity Management: A White Paper. In: National Electronic Commerce Coordinating Council, Lexington, KY, vol.\u00a068 (2002)"},{"key":"23_CR5","unstructured":"Liberty Alliance Project. Introduction to the Liberty Alliance Identity Architecture. Identity Architecture Whitepaper (March 2003), http:\/\/www.projectliberty.org\/resources\/whitepapers\/LAP"},{"key":"23_CR6","unstructured":"Liberty Alliance Project. Identity Systems and Liberty Specification Version 1.1 Interoperability and 3rd PartyIdentitySystemsWhitePaper.pdf. February 14 (2003), https:\/\/www.projectliberty.org\/resources\/whitepapers\/Liberty"},{"key":"23_CR7","unstructured":"Klein, A.: Hacking Web Applications Using Cookie Poisoning Sanctum Inc., http:\/\/www.cgisecurity.com\/lib\/CookiePoisoningByline.pdf"},{"key":"23_CR8","doi-asserted-by":"crossref","unstructured":"Kristol, D., Montulli, L.: RFC 2965, HTTP State Management Mechanism. Network Working Group (October 2000)","DOI":"10.17487\/rfc2965"},{"key":"23_CR9","doi-asserted-by":"crossref","unstructured":"Kang, M.H., Park, J.S., Froscher, J.N.: Access Control Mechanisms for Inter-Organization Workflow. In: Proceedings of the 6th ACM Symposium on Access Control Model and Technologies (SACMAT), Chantilly, Virginia, May 3-4 (2001)","DOI":"10.1145\/373256.373266"},{"key":"23_CR10","unstructured":"Microsoft.NET Passport. Review Guide (January 2004), http:\/\/www.microsoft.com\/net\/services\/passport\/review_guide.asp"},{"key":"23_CR11","unstructured":"Computer Science and Telecommunications Board, N. R. C. IDs - Not That Easy: Questions about Nationwide Identity Systems. Washington, DC, National Academy of Sciences (2002)"},{"key":"23_CR12","doi-asserted-by":"crossref","unstructured":"Park, J.S., Costello, K.P., Neven, T.M., Diosomito, J.A.: A Composite RBAC Approach for Large, Complex Organizations. In: Proceedings of the 9th ACM Symposium on Access Control Models and Technologies (SACMAT), Yorktown Heights, New York, June 2-4 (2004)","DOI":"10.1145\/990036.990063"},{"key":"23_CR13","doi-asserted-by":"crossref","unstructured":"Park, J.S., Chandramohan, P., Zak, A., Giordano, J.: Fine-Grained, Scalable, and Secure Key Management Scheme for Trusted Military Message Systems. In: Proceedings of The Military Communications Conference (MILCOM), Monterey, CA, October 31-November 3 (2004)","DOI":"10.1109\/MILCOM.2004.1495186"},{"key":"23_CR14","unstructured":"Park, J.S., Kang, M.H., Froscher, J.N.: A Secure Workflow System for Dynamic Cooperation. In: Proceedings of the 16th International Conference on Information Security (IFIP\/SEC 2001), Paris, France, June 11-13 (2001)"},{"key":"23_CR15","unstructured":".NET Passport, http:\/\/www.passport.NET"},{"key":"23_CR16","doi-asserted-by":"crossref","unstructured":"Park, J.S., Sandhu, R.: Secure Cookies on the Web. IEEE Internet Computing\u00a04(4) (July-August 2000)","DOI":"10.1109\/4236.865085"},{"key":"23_CR17","doi-asserted-by":"crossref","unstructured":"Park, J.S., Sandhu, R., Ahn, G.-J.: Role-Based Access Control on the Web. ACM Transactions on Information and System Security (TISSEC)\u00a04(1) (February 2001)","DOI":"10.1145\/383775.383777"},{"key":"23_CR18","unstructured":"Park, J.S., Sandhu, R., Ghanta, S.: RBAC on the Web by Secure Cookies. In: Proceedings of the 13th IFIP WG 11.3 Working Conference on Database Security, Seattle, Washington, July 26-28 (1999)"},{"key":"23_CR19","doi-asserted-by":"crossref","unstructured":"Sandhu, R., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role Based Access Control Models. IEEE Computer\u00a029(2) (February 1996)","DOI":"10.1109\/2.485845"},{"key":"23_CR20","unstructured":"Simple Object Access protocol. Version 1.2 Specification (June 24, 2003), http:\/\/www.w3.org\/TR\/soap\/"},{"key":"23_CR21","first-page":"29","volume-title":"Proc. Second Usenix Workshop on Electronic Commerce","author":"D. Wagner","year":"1996","unstructured":"Wagner, D., Schneier, B.: Analysis of the SSL 3.0 Protocol. In: Proc. Second Usenix Workshop on Electronic Commerce, November 1996, pp. 29\u201340. Usenix Press, Berkeley (1996)"},{"key":"23_CR22","unstructured":"Extensible Markup Language, http:\/\/www.w3.org\/XML\/"}],"container-title":["Lecture Notes in Computer Science","Data and Applications Security XIX"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11535706_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,31]],"date-time":"2019-05-31T12:23:12Z","timestamp":1559305392000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11535706_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005]]},"ISBN":["9783540281382","9783540319375"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/11535706_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2005]]}}}