A secure cookie protocol

Cookies are the primary means for web applications to authenticate HTTP requests and to maintain client. states. Many web applications (such is electronic commerce) demand a secure cookie protocol. Such a protocol needs to provide the following four services: authentication, confidentiality, integrity and anti-replay. Several secure cookie protocols have been proposed in previous literature however, none of them are completely satisfactory. In this paper, we propose a secure cookie protocol that is effective, efficient, and easy to deploy. lit terms of effectiveness, Our protocol provides all of the above four security services. In terms of efficiency, our protocol does not involve any database lookup or public key cryptography. In terms of deployability, Our protocol can be easily deployed oil all existing web server, and it does not require any change to the Internet cookie specification. We implemented Our secure cookie protocol using PHP, and the experiment tal results Show that our protocol is very efficient.