SCS: Secure Cookie Sessions for HTTP
This document provides an overview of SCS, a cryptographic protocol aimed at the protection of "client-side" HTTP sessions, i.e. sessions in which the application state is held entirely on the client in the form of cookies [10].