2

Hi I am using JSON on User Interface side. I want to protect that data. What are the possible ways I can protect my JSON. I have a scenario where I am having JSON Object with data on User Interface side. While performing update operation using jquery postback I am updating the JSON data and sending it back to the server. My concern here is how can I save JSON object from users to append any new object in the existing JSON object. I hope i am clear about my requirement .

Utsav
  • 149
  • 2
  • 7
  • 3
    Protect it from who? The user? People sniffing the network? Protect it against what type of attacks? How, specifically, is the JSON being used in the application? – Polynomial Jan 31 '14 at 13:31
  • 1
    If you're talking about Javascript attacks, the answer to your question is here: http://stackoverflow.com/q/3146798/328397 I'd post as an answer but this question is on hold – makerofthings7 Feb 01 '14 at 08:05
  • Can you please explain more on this or is their any sample or blog that explains this briefly please share. – Utsav Feb 01 '14 at 15:29

1 Answers1

1

After some clarification in the comment I guess I can see where we're heading. You need data integrity protection. Digitally sign the json data using a hash algorithm (md5, sha-1, etc) and put the sign inside the json file. Next you need some sort of mechanism identyfing whether the data was forged or not.

Andrzej Bobak
  • 119
  • 5
  • 1
    This isn't a particularly helpful answer IMO as just saying 'go encrypt it' is like giving a child a gun and telling them to protect themselves. It probably won't end well. If you could elaborate on what sorts of encryption protocols would work especially in the context of a browser (he says in the UI so assuming browser) that would help. – Steve Jan 31 '14 at 17:29
  • He's not really saying much. So without the wider context it's no use to go into details. – Andrzej Bobak Jan 31 '14 at 22:02
  • So why give an answer at all then? – Steve Feb 01 '14 at 00:11
  • I have a scenario where I am having JSON Object with data on User Interface side. While performing update operation using jquery postback I am updating the JSON data and sending it back to the server. My concern here is how can I save JSON object from users to append any new object in the existing JSON object. I hope i am clear about my requirement . – Utsav Feb 01 '14 at 07:08
  • Ok but if i digitally signed the data and if i will put the sign in the json object it is exposed to the outer world any one can come and play with it , and what type of mechanism i can use for checking the data integrity whether it has been altered or not, please share any sample or blog that explains this properly. – Utsav Feb 01 '14 at 15:27
  • I guess you should read more about asymmetric cryptography first. – Andrzej Bobak Feb 02 '14 at 21:03