I would suggest:Not to use Session as it consume server resource unnecessarily.
http://oauth.net/[
^] can be used as alternative which can be used to generate tokens,
which in turn can be stored in cookies.
If you want to go ahead with Session,
after each postback enable javascript timer for 9 minute.
after 9 min display the notification with message may be browser popup,and when user clicks "OK";
send ajax request to one of server page to keep alive the session.