- 學位論文
植基於Worker序列化請求之接替式Session系統
A study on stepped session system based on serial requests with worker technology
摘要
在現今網際網路的蓬勃發展下,大多數的人都有使用網頁的經驗,然而在使用網頁的過程中,背後卻藏有許多的危機以及風險,使用者的個人資訊可能遭到有心人士的竊取,而我們提出的植基於Worker序列化請求之接替式Session系統,是一種防止使用者在瀏覽網頁時,在未知的情況下被惡意或無意的竄改資料,我們提出一種基於AJAX技術的設計來解決HTML5缺陷。本設計利用Session以及Worker來實作並解決此問題,其技術分為前端與後端兩種,本設計利用Worker的技術來實作序列化的過程,前端技術會使用序列化的方式來處理每一次的請求,並向Server傳送請求,而後端程式會在Server端處理,每處理完一次請求,則將Session憑證加以修改,藉由此技術改善使用者遭到駭客擷取Session時,所可能發生資料更動錯誤或是被惡意更動的情形,讓使用者在第一時間知道身分可能遭冒用進而減少損失,希望透過此機制能使網站系統可以增加資訊安全的強度。
並列摘要
Recently, people browse web site in the daily life. Web sites’ design and maintenance have been important tasks in the computer science. As http protocol is connectionless, session system which is based on cookies is designed to maintain the login state after users’ login information has been verified. However, the session system is not safe from the viewpoint of information security. Thus, we propose a design based on AJAX and worker technologies which is new in HTML5 to improve the defect of the session system. The key point is to send http requests serially by using AJAX and worker technologies. And then we can reflash cookie for the session certify from the server side after each request has been manipulated. By this design, the web site may prevent hackers to pretending as the user by stealing the cookie for the session certify through some sniffer software. We hope that by this design the web systems may increase the intensity of information safety.