1. Field of the Invention
This invention pertains in general to computer security and in particular to detecting and selectively blocking cookies in network communications.
2. Description of the Related Art
A cookie (also known as browser cookie, tracking cookie, web cookie and Internet cookie) is a string of text given to a web browser by a web server. The web browser stores the cookie on a web browser user's computer. The cookie is sent back to the web server each time the web browser requests a web page from the web server. Cookies allow a website to store information on a user's computer and later retrieve it. Cookies allow the website to uniquely identify the user and therefore support functions such as authentication and retention of user preferences.
Cookies can be used to track a user's page browsing at a website. In addition, cookies provided by certain types of third parties, such as online advertisers, can be used to track a user's browsing habits across a variety of websites. Such tracking can allow the third party to build a profile of the user and, in some instances, provide targeted advertising based on the profile. The use of such profiles and targeted advertising introduces privacy concerns as some users prefer that their web browsing activities not be tracked.
One way to overcome the privacy concerns introduced by such tracking cookies is to configure the user's web browser to block all cookies. However, blocking all cookies can interfere with legitimate web site operations and negatively impact the user's browsing experience. Another way to address the privacy concerns is to scan the user's computer for tracking cookies, flag the cookies as security risks, and allow the user to remove the cookies. This scanning technique is resource intensive and can confuse the user as to the nature of the risk presented by the cookies.
Another problem associated with scanning for cookies is that it does not scale well. For example, a domain-based whitelist or blacklist allows a security system to allow or block cookies from listed websites. However, these lists must be provided to the user's computer and require constant updates to stay current. Thus there is a need for techniques for handling tracking cookies that do not suffer from these drawbacks.