Ciência-IUL
Publications
Publication Detailed Description
Secure Javascript Object Notation (SecJSON): Enabling granular confidentiality and integrity of JSON documents
2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)
Year (definitive publication)
2016
Language
English
Country
United States of America
More Information
Web of Science®
Scopus
Google Scholar
Abstract
Currently, web and mobile-based systems exchange information with other services, mostly through APIs that extend the functionality and enable multipart interoperable information exchange. Most of this is accomplished through the usage of RESTful APIs and data exchange that is conducted using JSON over the HTTP or HTTPS protocol. In the case of the exchange requires some specific security requirements, SSL/TLS protocol is used to create a secure authenticated channel between the two communication end-points. This is a scenario where all the content of the channels is encrypted and is useful if the sender and the receptor are the only communicating parties, however this may not be the case. The authors of this paper, present a granular mechanism for selectively offering confidentiality and integrity to JSON documents, through the usage of public-key cryptography, based on the mechanisms that have been used also to provide XML security. The paper presents the proposal of the syntax for the SecJSON mechanism and an implementation that was created to offer developers the possibility to offer this security mechanism into their own services and applications.
Acknowledgements
--
Keywords
Security,Integrity,Confidentiality,API,JSON,HTTPS,SSL/TLS
Fields of Science and Technology Classification
- Physical Sciences - Natural Sciences
Funding Records
Funding Reference | Funding Entity |
---|---|
UID/MULTI/0446/2013 | Fundação para a Ciência e Tecnologia |