Ciência-IUL
Publicações
Descrição Detalhada da Publicação
Secure Javascript Object Notation (SecJSON): Enabling granular confidentiality and integrity of JSON documents
2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)
Ano (publicação definitiva)
2016
Língua
Inglês
País
Estados Unidos da América
Mais Informação
Web of Science®
Scopus
Google Scholar
Abstract/Resumo
Currently, web and mobile-based systems exchange information with other services, mostly through APIs that extend the functionality and enable multipart interoperable information exchange. Most of this is accomplished through the usage of RESTful APIs and data exchange that is conducted using JSON over the HTTP or HTTPS protocol. In the case of the exchange requires some specific security requirements, SSL/TLS protocol is used to create a secure authenticated channel between the two communication end-points. This is a scenario where all the content of the channels is encrypted and is useful if the sender and the receptor are the only communicating parties, however this may not be the case. The authors of this paper, present a granular mechanism for selectively offering confidentiality and integrity to JSON documents, through the usage of public-key cryptography, based on the mechanisms that have been used also to provide XML security. The paper presents the proposal of the syntax for the SecJSON mechanism and an implementation that was created to offer developers the possibility to offer this security mechanism into their own services and applications.
Agradecimentos/Acknowledgements
--
Palavras-chave
Security,Integrity,Confidentiality,API,JSON,HTTPS,SSL/TLS
Classificação Fields of Science and Technology
- Ciências Físicas - Ciências Naturais
Registos de financiamentos
Referência de financiamento | Entidade Financiadora |
---|---|
UID/MULTI/0446/2013 | Fundação para a Ciência e Tecnologia |