LLMpediaThe first transparent, open encyclopedia generated by LLMs

CBOR

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: Eclipse IoT Hop 4
Expansion Funnel Raw 102 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted102
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
CBOR
NameConcise Binary Object Representation
DeveloperIETF CBOR WG
Introduced2013
Latest releaseRFC 8949 (2020)
File extension.cbor
Mimeapplication/cbor
LicenseIETF standards

CBOR

CBOR is a compact binary serialization format standardized by the IETF that encodes structured data for constrained environments. It is designed to interoperate with existing systems and protocols used by organizations such as Internet Engineering Task Force, World Wide Web Consortium, European Telecommunications Standards Institute, Google, and Apple. Implementations of CBOR appear across projects from Mozilla to Linux Foundation initiatives and are referenced in work by researchers at MIT, Stanford University, Carnegie Mellon University, ETH Zurich, and University of Cambridge.

Overview

CBOR provides a schema-less, binary representation intended for use in contexts that include IoT platforms like Eclipse IoT, messaging systems such as MQTT and AMQP, and web APIs developed by companies like Amazon and Microsoft. It maps to abstract data models similar to those used in JSON, enabling interchange with systems built on Apache HTTP Server, Nginx, Node.js, Django, and Ruby on Rails. The format is suitable for constrained devices used in projects from Arduino and Raspberry Pi to commercial products by Samsung and Siemens.

History and Development

The CBOR specification emerged through discussions in the IETF working group process, drawing on lessons from formats like ASN.1, MessagePack, and Protocol Buffers. Early contributors included engineers affiliated with Cisco Systems, IBM, Huawei, Ericsson, and academics from Imperial College London and University of California, Berkeley. Key milestones include publication of RFCs influenced by standards work at IETF Data Format Working Group and adoption in standards by bodies such as 3GPP and OASIS. Subsequent revisions incorporated feedback from implementers at Red Hat, Intel, Broadcom, and research labs at Bell Labs.

Data Model and Encoding

CBOR encodes values—integers, floating point numbers, byte strings, text strings, arrays, maps, booleans, and null—using a type-and-additional-info initial byte, a design concept shared with encodings seen in ASN.1 Basic Encoding Rules and inspired by compact serialization used in TIFF and PNG. The model supports indefinite-length containers and tagging, enabling interoperability with typed data from ecosystems such as XML, Protocol Buffers, and Avro. Numeric encoding choices reflect work done at institutions like NIST and ISO to balance space and precision requirements for applications used by NASA and ESA. CBOR’s tagging mechanism allows annotating data with semantic types used by projects from OpenStreetMap to Wikidata.

Features and Extensions

CBOR includes extensibility via standardized tags and application-defined semantics; notable extensions include Concise Binary Object Representation for Links and formats used in COSE for object security and CWT for token formats in authentication stacks like OAuth 2.0 and OpenID Connect. Features such as canonical encoding modes facilitate deterministic serialization required by blockchain platforms like Ethereum and by signature schemes adopted at IETF JOSE-related work. Implementers in environments from FreeRTOS to Android leverage optional features for streaming, incremental parsing, and error resilience akin to approaches used in HTTP/2 and QUIC.

Implementations and Libraries

A broad range of libraries exists across programming languages and ecosystems: implementations for C and C++ used in Zephyr Project and Embedded Linux; libraries for Java and Kotlin used in Spring Framework and Android apps; modules for Python, Ruby, PHP, Perl, and Go used in backend services by companies such as Twitter and Dropbox; and JavaScript implementations integrating with React and Angular. Notable open-source projects and repositories on platforms like GitHub and GitLab include ports maintained by communities around Eclipse Foundation, Apache Software Foundation, and commercial vendors including Oracle and VMware.

Security and Interoperability

Security considerations for CBOR intersect with standards for cryptographic message formats such as COSE, CMS, and PKCS families; secure deployments reference guidance from IETF Security Area, OWASP, NIST and audits by firms like KPMG and Deloitte. Interoperability testing is conducted by consortia such as FIDO Alliance, Open Connectivity Foundation, and industry groups including GSMA and Zigbee Alliance to ensure cross-vendor compatibility among devices from Philips Hue to Bosch. Attack surfaces include malformed encodings, tag confusion, and resource exhaustion—areas addressed by techniques advocated in publications from IEEE and ACM and by static analysis tools used at Google and Facebook.

Category:Data serialization formats