cookie poisoning

Cookies stored on your computer's hard drive maintain bits of information that allow Web sites you visit to authenticate your identity, speed up your transactions, monitor your behavior, and personalize their presentations for you. However, cookies can also be accessed by persons unauthorized to do so. Unless security measures are in place, an attacker can examine a cookie to determine its purpose and edit it so that it helps them get user information from the Web site that sent the cookie.

To guard against cookie poisoning, Web sites that use them should protect cookies (through encryption, for example) before they are sent to a user's computer. Ingrian Networks' Active Application Security platform is one means of securing cookies. When cookies pass through the platform, sensitive information is encrypted. A digital signature is created that is used to validate the content in all future communications between the sender and the recipient. If the content is tampered with, the signature will no longer match the content and will be refused access by the server.

Learn more about Identity Theft and Data Security Breaches

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - Internet.com has an article, "Ingrian Protects Against 'Cookie Poisoning.'" - Jeremy Wolff has a presentation about security that discusses cookie poisoning.

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT MA 201 CMR 17 enforcement less likely with prompt reporting, cooperation The official charged with enforcing the MA 201 CMR 17 data protection law says early reporting of potential breaches and cooperation will help firms... No major PCI DSS revision expected in 2010 The next revision of PCI DSS will contain clarifications, but no major revisions, according to Bob Russo, general manager of the PCI Security... Data breach costs continue to rise in 2009, Ponemon study finds A Ponemon Institute study of 45 businesses found data breach costs increased last year to $204 per compromised record, a rise of $2 per customer...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) A bot worm is a self-replicating malware program that resides in current memory, turns infected computers into zombies (or bots) and transmits itself... CISP-PCI  (SearchFinancialSecurity.com) CISP (Cardholder Information Security Program) and PCI (Payment Card Industry Data Security Standard) are specifications developed and used by credit...