Injection attacks can occur when transmitted data is not interpreted the same way by both the sender and the receiver. Guaranteeing equivalence in data interpretation by both the sender and the receiver is called operational congruity. There is a simple technique for achieving guaranteeing operational congruity: separating fields of data on the basis of their length. When the length of the data is known in advance, there is no risk of misinterpreting it on the basis of spaces or other text delimiters. The Distinguished Encoding Rules, or DER, of the ASN.1 standard follows this approach; however, the DER specification includes numerous constraints and its implementation involves some complexity. The Secure Protocol Format, or SPF, was created as a simplified version of DER. Thus, SPF prevents command injection attacks by guaranteeing that the interpretation of data cannot change during transfer.

Features

  • Protection against all injection attacks
  • Data transmission security

Project Activity

See All Activity >

Categories

Data Formats, Security, Software Development

License

BSD License

Follow Secure Protocol Format

Secure Protocol Format Web Site

You Might Also Like
Our Free Plans just got better! | Auth0 by Okta Icon
Our Free Plans just got better! | Auth0 by Okta

With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your secuirty. Auth0 now, thank yourself later.
Try free now
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of Secure Protocol Format!

Additional Project Details

Intended Audience

Developers

Programming Language

C++

Related Categories

C++ Data Formats Software, C++ Security Software, C++ Software Development Software

Registered

2022-06-21
Report inappropriate content