Stefan Kimak

PhD in Computer Science and Digital Technologies

This thesis presents an analysis of, and enhanced security model for IndexedDB, the persistent HTML5 browser based data store.

This thesis firstly argues that IndexedDB is insecure by design. That is, the design of IndexedDB means that every implementation is vulnerable to attacks such as Cross Site Scripting, and even data from databases that have been deleted may readily be stolen using appropriate software tools. This is demonstrated experimentally on both mobile and desktop browsers. IndexedDB is however capable of very high performance levels.This is demonstrated through the development of a formal performance model.

In the final component of this thesis, we propose and implement security enhancement that corrects the weaknesses in IndexedDB local storage. The enhancement uses multi factor authentication, and so is resistant to Cross Site Scripting attacks. This enhancement is then demonstrated experimentally, showing HTML5 IndexedDb may be securely used both on and offline.

Research Supervisors

Dr. Jeremy Ellman
Ms Shelagh Keogh

Key Publications

Some potential issues with the security of HTML5 indexedDB. / Conference paper

Performance Testing and Comparison of Client Side Databases Versus Server Side. / Conference paper

An Investigation into Possible Attacks on HTML5 IndexedDB and their Prevention. / Conference paper

Student profiles

Latest News and Features

Northumbria University researchers have joined forces with the International Federation of Red Cross and Red Crescent Societies (IFRC) to deliver the third edition of the IFRC Limitless Youth Innovation Leadership Academy – a programme which has already reached thousands of young people across 150 countries with the aim of driving youth innovation.

Developing technology to help empower young innovators across the globe

16.02.26

Northumbria University researchers have joined forces with the International Federation of…

Jack Parker sitting in a chair

Working-class roots drive North East graduate’s AI healthcare revolution

12.02.26

A Northumbria University graduate has developed groundbreaking AI technology that could save…

Cllr Guy Renner Thompson and Professor Greta Defeyter with HAF Plus participants at Northumbria University

Families back nationwide school holiday activities programme in record survey

12.02.26

A landmark survey of 20,000 parents and carers has revealed overwhelming support for the Government's…

Scaling-up global solar panel manufacturing sustainably

10.02.26

Pioneering research led by Northumbria University shows how the renewable energy sector can…

UUK Business Experts and VC

Business leaders and universities unite to pave way for a new era of skilled graduate jobs

09.02.26

Leaders from national, international and regional businesses including Greggs, Siemens Energy…

Professor Susan Edwards.

Northumbria Professor recognised for pioneering work on domestic abuse and gender-based violence

06.02.26

A leading legal academic from Northumbria University has been awarded the prestigious title…

More news

Social

More events

Upcoming events

On Weaving

Jan 19 - Feb 21

On Weaving

Gallery North

Accidental Death of an Anarchist

Feb 18 - 19

Accidental Death of an Anarchist

6pm

EY Degree Apprenticeship Information Event

Feb
24

EY Degree Apprenticeship Information Event

Northumbria University

5pm - 7pm

Next Stop Northumbria

Feb
28

Next Stop Northumbria

The Queens Hotel

10am - 1pm

Back to top