Ciência_Iscte Publicações Descrição Detalhada da Publicação Exportar

Exportar Publicação

A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.

Exportar Referência (APA)

Santos, T. & Serrão, C. (2017). Granular confidentiality and integrity of JSON messages. International Journal of Intelligent Computing Research. 8 (2), 839-848

Exportar Referência (IEEE)

T. M. Santos and C. J. Serrão,  "Granular confidentiality and integrity of JSON messages", in Int. Journal of Intelligent Computing Research, vol. 8, no. 2, pp. 839-848, 2017

Exportar BibTeX

@article{santos2017_1775817521948,
	author = "Santos, T. and Serrão, C.",
	title = "Granular confidentiality and integrity of JSON messages",
	journal = "International Journal of Intelligent Computing Research",
	year = "2017",
	volume = "8",
	number = "2",
	doi = "10.20533/ijicr.2042.4655.2017.0103",
	pages = "839-848",
	url = "http://infonomics-society.org/ijicr/"
}

Exportar RIS

TY - JOUR
TI - Granular confidentiality and integrity of JSON messages
T2 - International Journal of Intelligent Computing Research
VL - 8
IS - 2
AU - Santos, T.
AU - Serrão, C.
PY - 2017
SP - 839-848
SN - 2042-4655
DO - 10.20533/ijicr.2042.4655.2017.0103
UR - http://infonomics-society.org/ijicr/
AB - Modern web and mobile-based applications exchange information with each other and with other services, through specific APIs that extend the applications multipart functionality and enable interoperable information exchange. Currently these mechanisms are implemented through the usage of RESTful APIs and data interchange is performed using the JSON format over the HTTP or HTTPS protocol. Most of the times, due to specific security requirements, the SSL/TLS protocol is used to create a secure authenticated channel between the two- communicating service end-points, where all the content is encrypted. This is an important security feature if the sender and the receptor are the only communicating parties, however this may not be the case. In this paper, a granular mechanism for selectively offering confidentiality and integrity to JSON messages, through the usage of public-key cryptography is presented. The proposed mechanism, as take in to consideration already existing mechanisms, such as XML security, to best fit developers’ acquaintance. In this paper, we will present the proposal of the syntax for the secure JSON format (SecJSON) and present a prototype implementation of that particular specification that was created to offer developers, written in Javascript and Node.JS, the possibility to offer this security mechanism into their own services and applications.
ER -