The current runnning session of a user as they navigate the web application stored on the Server. Opposed to Cookies which are client-side. For sensitive information, you want to store data in the session.
Communication
- Provide the client with a session ID
- Sign each message with a secret key