Additionally under the IETF OAuth2 specification family, there is JWT (JSON Web Token) draft.
PicketBox Core provides an implementation for these specifications. It should enable users to receive secure JSON messages as well as transmit secure JSON messages. Irrespective of whether your client is a mobile device (native or html5 apps) or a browser application, you can always write server side programs using PicketBox core JSON security.
This forms the basic JSON Structure for security.
JWS is used to sign JSON messages.
You will need access to the recipients's Public Key while encrypting a JSON message.
JWE is used to encrypt/decrypt JSON messages.