Stefan Kimak

PhD in Computer Science and Digital Technologies

This thesis presents an analysis of, and enhanced security model for IndexedDB, the persistent HTML5 browser based data store.

This thesis firstly argues that IndexedDB is insecure by design. That is, the design of IndexedDB means that every implementation is vulnerable to attacks such as Cross Site Scripting, and even data from databases that have been deleted may readily be stolen using appropriate software tools. This is demonstrated experimentally on both mobile and desktop browsers. IndexedDB is however capable of very high performance levels.This is demonstrated through the development of a formal performance model.

In the final component of this thesis, we propose and implement security enhancement that corrects the weaknesses in IndexedDB local storage. The enhancement uses multi factor authentication, and so is resistant to Cross Site Scripting attacks. This enhancement is then demonstrated experimentally, showing HTML5 IndexedDb may be securely used both on and offline.

Research Supervisors

Dr. Jeremy Ellman
Ms Shelagh Keogh

Key Publications

Some potential issues with the security of HTML5 indexedDB. / Conference paper

Performance Testing and Comparison of Client Side Databases Versus Server Side. / Conference paper

An Investigation into Possible Attacks on HTML5 IndexedDB and their Prevention. / Conference paper

Student profiles

Latest News and Features

Dr Craig Warren pictured with a ground penetrating radar

Northumbria University to host prestigious international conference on GPR technology

25.07.25

Scientists, engineers and researchers using and developing Ground Penetrating Radar (GPR) technology…

Libby Hutton and Megan Shaw

Award winning design students graduate from Northumbria University

25.07.25

Northumbria University is producing award-winning product designers, as students pick up accolades…

Isar Aerospace’s Spectrum rocket launch complex, Andøya, Norway, which Dr Pete Howson visisted as part of his research

Supporting the ethical development of UK spaceports

24.07.25

A Northumbria University academic is helping to ensure the UK’s ambitions to build a thriving…

From l-r: Dr Angela Sherry, Dr Emma Riley, and Dr Ciaran Kelly, of Northumbria University

Smart bacteria could transform global agricultural food production

23.07.25

With the global population expected to reach 10 billion by 2050 and crop yields declining annually,…

Newcastle upon Tyne bridges

New student-led forum launched to boost community collaboration in Newcastle

22.07.25

A new student-led group to develop and promote ways to work together to make Newcastle the…

Staff and graduates from the Certificate of Public Involvement and Co-Production modules

First cohort graduate from pioneering programme at Northumbria University

21.07.25

Learners from a pioneering and inclusive programme recording the importance of public involvement…

More news

Social

More events

Upcoming events

Understanding Clearing and Confirmation

Jul
29

Understanding Clearing and Confirmation

Virtual Event

4pm - 5pm

NU Advice: Your Future (Employability)

Jul
31

NU Advice: Your Future (Employability)

4pm - 5pm

UK Arctic Science Conference 2025

Sep 09 - 11

UK Arctic Science Conference 2025

Northumbria University

9am

Turning that ship around

Sep
16

Turning that ship around

Lecture Theatre 003

9am - 4pm

Back to top