Information Security

Management
Practical part

T. Siham AL_Mithali
COOKIES & SESSIONS
 What are cookies?
• Cookies are small text files placed on a user’s computer (or smartphone),
which are commonly used to collect personal data. Most website operators
place cookies on the browser or hard drive of their user's computer.
• Cookies can gather information about the use of a website or enable the
website to recognize the user as an existing customer when they return to the
website at a later date.
• This file is neither a virus nor spyware. The law protects website users and
lets them opt-out from the use of cookies on their website browser.
 What are cookies?
• Store information in the end-user’s browser/Client side until deleted.
• A cookie is often used to identify a user.
• Example: If a person has a login and password, this can be set as a cookie in their
browser so they do not have to re-login to your website every time they visit The
trouble is that a user can block cookies or delete them at any time. If, for example,
your website’s shopping cart utilized cookies, and a person had their browser set to
block them, then they could not shop at your website.
 What are the benefits of cookies?
• Cookies are used to make the user's web experience faster, convenient and
personalized. For example you can select a language to view a website the
first time you visit it. When you visit the website again it will save your
preference.
 Types of cookies
Session cookies
Session cookies, also known as 'temporary cookies', help websites recognise
users and the information provided when they navigate through a website.
Session cookies only retain information about a user's activities for as long as
they are on the website. Once the web browser is closed, the cookies are
deleted. These are commonly used on shopping websites or e-commerce
websites.
 Types of cookies
Tracking cookies
• when you log in to a website and tick the checkbox to keep yourself logged in for future visits,
your browser will store a cookie on your hard drive that the web
• Other than storing visitors’ preferences, another benign use for cookies is to store marketing
data. This allows websites to show targeted ads to users which may increase their conversion
rates. However, tracking cookies often take it a step further.
Some tracking cookies will go with you all across the Internet and relay your personal
information and data back to a website when you revisit it. This is commonly used for retargeting
advertising purposes.
For example, if a website is running ads served by Google, your activity on that website may
carry over with you to an entirely different one that is also displaying Google’s ads.site can later
interact with to know your preferences.
 Sessions
Data stored in session is stored on the server side. which means clients do not have access to
the information you store about them. this is particularly important if you store shopping
baskets or other information you do not want you visitors to be able to edit by hand by hacking
their cookies.
They work instead like a token allowing access and passing information while the user has their
browser open.
The problem with sessions is that when you close your browser you also lose the session.
Example: if you had a site requiring a login, this couldn’t be saved as a session like it could as a
cookie, and the user would be forced to re-login every time they visit.
IPS & IDS
Cont.