SECURE USER SESSION MANAGING METHOD UNDER WEB ENVIRONMENT AND RECORDING MEDIUM RECORDED PROGRAM EXECUTING IT

摘要

A user session managing method and a recording medium recording a program by using an authentication algorithm of trial-response method on web are provided to protect the session of the user by applying authentication algorithm to HTTP(HyperText Transfer Protocol). A server calculates a first server authentication value by using a sharing key stored in a server and random number(S11). The server newly produces the random number. The server uses the shared key stored in the random number and server and the second server authenticator is calculated(S15). The server including random number transmits the HTTP response to the client. The HTTP request including server is the cookie from the client is received. The cookie comprises the client authentication value. By using the random number included in the shared key stored in client and the HTTP response which client is transmitted, the client authentication value is calculated.