Stefan Kimak

PhD in Computer Science and Digital Technologies

This thesis presents an analysis of, and enhanced security model for IndexedDB, the persistent HTML5 browser based data store.

This thesis firstly argues that IndexedDB is insecure by design. That is, the design of IndexedDB means that every implementation is vulnerable to attacks such as Cross Site Scripting, and even data from databases that have been deleted may readily be stolen using appropriate software tools. This is demonstrated experimentally on both mobile and desktop browsers. IndexedDB is however capable of very high performance levels.This is demonstrated through the development of a formal performance model.

In the final component of this thesis, we propose and implement security enhancement that corrects the weaknesses in IndexedDB local storage. The enhancement uses multi factor authentication, and so is resistant to Cross Site Scripting attacks. This enhancement is then demonstrated experimentally, showing HTML5 IndexedDb may be securely used both on and offline.

Research Supervisors

Dr. Jeremy Ellman
Ms Shelagh Keogh

Key Publications

Some potential issues with the security of HTML5 indexedDB. / Conference paper

Performance Testing and Comparison of Client Side Databases Versus Server Side. / Conference paper

An Investigation into Possible Attacks on HTML5 IndexedDB and their Prevention. / Conference paper

Student profiles

a sign in front of a crowd

+

Northumbria Open Days

Open Days are a great way for you to get a feel of the University, the city of Newcastle upon Tyne and the course(s) you are interested in.

a person sitting at a table using a laptop

+

Fees, Funding and Scholarships

Information about all of our tuition fees, funding and scholarships.

a bridge over a body of water

+

Virtual Tour

Get an insight into life at Northumbria at the click of a button! Come and explore our videos and 360 panoramas to immerse yourself in our campuses and get a feel for what it is like studying here using our interactive virtual tour.

Latest News and Features

Innovative partnership to develop game-changing manufacturing solutions

02.08.21

A collaborative research project driven by The NBT Group, Northumbria University and Senseye…

Taka Takes on Tokyo

02.08.21

Northumbria ranks top 20 in the StudentCrowds University Awards

01.08.21

Northumbria University becomes UK's first home of world-leading spectrometer

29.07.21

Academics in search of solutions to creating more energy efficient phones and television screens…

Young entrepreneurs in the spotlight at awards

28.07.21

Students and graduates from Northumbria University were among more than 40 new business founders…

University Mental Health Charter navigation image

Northumbria demonstrates commitment to mental health by joining Mental Health Charter Programme

27.07.21

Social

Upcoming events

REVEAL 2021

Jul 01 - Jun 01

REVEAL 2021

6pm

Architecture, Built Environment and Construction Apprenticeships: Virtual Information Event

Architecture, Built Environment and Construction Apprenticeships: Virtual Information Event

Online

4pm - 5pm

Leadership, Management and Digital Marketing Apprenticeships: Virtual Information Event

Leadership, Management and Digital Marketing Apprenticeships: Virtual Information Event

Online

4pm - 6pm

British Association for Applied Linguistics 2021 Conference

Northumbria University

10am

Back to top