Stefan Kimak

PhD in Computer Science and Digital Technologies

This thesis presents an analysis of, and enhanced security model for IndexedDB, the persistent HTML5 browser based data store.

This thesis firstly argues that IndexedDB is insecure by design. That is, the design of IndexedDB means that every implementation is vulnerable to attacks such as Cross Site Scripting, and even data from databases that have been deleted may readily be stolen using appropriate software tools. This is demonstrated experimentally on both mobile and desktop browsers. IndexedDB is however capable of very high performance levels.This is demonstrated through the development of a formal performance model.

In the final component of this thesis, we propose and implement security enhancement that corrects the weaknesses in IndexedDB local storage. The enhancement uses multi factor authentication, and so is resistant to Cross Site Scripting attacks. This enhancement is then demonstrated experimentally, showing HTML5 IndexedDb may be securely used both on and offline.

Research Supervisors

Dr. Jeremy Ellman
Ms Shelagh Keogh

Key Publications

Some potential issues with the security of HTML5 indexedDB. / Conference paper

Performance Testing and Comparison of Client Side Databases Versus Server Side. / Conference paper

An Investigation into Possible Attacks on HTML5 IndexedDB and their Prevention. / Conference paper

Student profiles

Latest News and Features

Lord Bishop visit

Bishop of Newcastle visits Northumbria to tackle questions on the social economy

10.07.25

Northumbria University’s Newcastle Business School recently welcomed Bishop of Newcastle The…

A view of the River Tyne and Dunston Staithes. Adobe Stock/Graeme J Baty.

Pioneering collaboration will create new Green Corridors in the North East

10.07.25

A researcher at Northumbria University is part of a collaboration to create three new ‘Green…

pictured are three women, standing side by side, in a lab with equipment around them.

Major breakthrough in Maser research for Northumbria scientists

09.07.25

Scientists at Northumbria University have made a breakthrough in developing a new type of ‘microwave…

Northumbria to roll out new AI platform for staff and students

09.07.25

Northumbria University is to provide its students and staff with access to Claude for Education…

Sexualised masculinity book cover

From Love Island to algorithms – how men’s bodies are becoming objects of display and desire

04.07.25

In a media world saturated with gym selfies, reality TV abs, and influencer thirst traps, a…

L-R: Professor Ioannis Vogiatzis of Northumbria University and Paul Court, Chief Executive of Healthworks

Partnership provides a boost for North East community health research

03.07.25

A pioneering partnership between Northumbria University and award-winning community charity…

More news

Social

More events

Upcoming events

REVEAL: Social Sciences - Sociology and Criminology

Jun 25 - Jul 15

REVEAL: Social Sciences - Sociology and Criminology

Student Central (Library Building), Ground floor foyer

5pm

Society of Chemical Industry Electrochemistry Postgraduate Conference 2025

Jul
25

Society of Chemical Industry Electrochemistry Postgraduate Conference 2025

Northumbria University Business and Law School (CCE1)

9.30am - 5.30pm

Understanding Clearing and Confirmation

Jul
29

Understanding Clearing and Confirmation

Virtual Event

4pm - 5pm

NU Advice: Your Future (Employability)

Jul
31

NU Advice: Your Future (Employability)

4pm - 5pm

Back to top