Security Guidance for the Use of JSON and JSON Schemas

Abstract: This paper provides guidance for creating JSON schemas. Validating JSON instance documents against properly designed JSON schemas can reduce the risk of transferring unauthorized or malicious data. Note that schema validation alone is not enough to prevent transfer of unauthorized data; users must perform other content filtering such as dirty word and anti-virus checks, in conjunction with schema validation.  The intended audience of this paper includes system engineers, designers, and testers who work with JSON and/or JSON schemas.

Date Published:

Last Reviewed: 12 July 2017

Identifier: CCG U/OO/800734-17

Creator: Information Assurance Capabilities

Dissemination Control: N/A

Length: 49 page(s)

Format: pdf

Type: Reference/Overview; Report

Tags: validation; Security; JavaScript Object Notation; JSON; JSON Schema