Small
amount of information sent to the client's browser that allows
the client to be identified in subsequent connections.
A character string, placed
in a web browser’s memory, which is available to websites within the same
Internet domain as the server that placed them in the web browser.
Cookies are used for many
purposes and may be assertions or may contain pointers to assertions.
[NIST-SP800-63:2013]
Data exchanged between an
HTTP server and a browser (a client of the server) to store state information
on the client side and retrieve it later for server use. [CNSSI_4009:2010]
1. (I) /HTTP/ Data exchanged
between an HTTP server and a browser (a client of the server) to store state
information on the client side and retrieve it later for server use.
2. (I) /IPsec/ Data objects
exchanged by ISAKMP to prevent certain denial-of-service attacks during the
establishment of a security association.
[RFC4949:2007]
A file transmitted to a
user's browser to uniquely identify the user's browser.
http://iab.com/
Temporary cookies which are
only loaded for the active browser session and erased upon exiting the browser.
http://iab.com/
A cookie that does not
automatically get erased and remains on the user's system even after the user
disconnects.
http://iab.com/
Small amount of data sent by
the web server, to a web client, which can be stored and retrieved at a later
time. Typically cookies are used to keep track of a user's state as they
traverse a web site. See also Cookie Manipulation.
http://www.webappsec.org/projects/glossary/
Altering or modification of
cookie values, on the client's web browser, to exploit security issues within a
web application. Attackers will normally manipulate cookie values to
fraudulently authenticate themselves to a web site. This is an example of the
problem of trusting the user to provide reasonable input.
http://www.webappsec.org/projects/glossary/