Difference between revisions of "Session"
(→Context) |
(→Device Bound Credentials) |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 14: | Line 14: | ||
A long lived session can sometime be called a relationship, as between a customer and a service provider. As a rule the session is created first and then formalized into a relationship. | A long lived session can sometime be called a relationship, as between a customer and a service provider. As a rule the session is created first and then formalized into a relationship. | ||
| − | In networking a session could be at different levels: | + | In networking a session could be at different levels, the ISO laying is a 7 levels, we will consider only these here: |
# Connection | # Connection | ||
# Network | # Network | ||
| + | # Media stream, audio, video, etc. | ||
# Application | # Application | ||
| + | # Device Bound Credentials | ||
| + | A session at a higher might continue while a session at a lower level may come and go. | ||
Each context has unique requirements for session management, such as security, scalability, and performance. | Each context has unique requirements for session management, such as security, scalability, and performance. | ||
| + | |||
| + | ==Device Bound Credentials== | ||
| + | [https://www.w3.org/TR/dbsc/ Device Bound Session Credentials] is a W3C standard designed to help [[Web App]]s avoid dependence on [[Cookies]], which cannot be made secure. | ||
==References== | ==References== | ||
[[Category: Networking]] | [[Category: Networking]] | ||
Latest revision as of 13:38, 28 September 2025
Meme
A session is an enduring connection between two or more entities.
Context
There are multiple contexts for a Session which leads to different views so the context must be clear before a meaningful discussion can occur. Here are some examples:
- User Authentication: A session is established between a user and a system to maintain authentication status. This could involve session tokens or cookies to track the user's login state.
- Client-Server Communication: In web applications, sessions manage interactions between a client (browser) and a server. They can be activity-based (extended with user actions) or time-based (expire after a set duration).
- Database Transactions: Sessions in databases manage a series of operations that must be executed as a single unit. This ensures data consistency and integrity, especially in multi-user environments.
- API Interactions: When two systems communicate via APIs, sessions can track the state of the interaction, such as ongoing data exchanges or authentication.
- IoT Devices: Sessions between IoT devices and their control systems ensure secure and continuous communication, often involving encryption and periodic re-authentication.
- Distributed Systems: In systems with multiple components, sessions help coordinate interactions between different services or nodes, ensuring smooth operation.
- Gaming: Multiplayer games use sessions to manage player interactions, game state, and server communication during game-play.
A long lived session can sometime be called a relationship, as between a customer and a service provider. As a rule the session is created first and then formalized into a relationship.
In networking a session could be at different levels, the ISO laying is a 7 levels, we will consider only these here:
- Connection
- Network
- Media stream, audio, video, etc.
- Application
- Device Bound Credentials
A session at a higher might continue while a session at a lower level may come and go.
Each context has unique requirements for session management, such as security, scalability, and performance.
Device Bound Credentials
Device Bound Session Credentials is a W3C standard designed to help Web Apps avoid dependence on Cookies, which cannot be made secure.
