Token - what is this?

Information at all times was an important component of human activities. Some of its species were widespread, and access to others was limited. There were always ways to hide some of the information. To restrict access to classified information, its media were placed in carefully protected places, of which only a small circle of people knew.

At the present time, when electronic media become carriers of information, new requirements have appeared for the protection of confidential information. One of these means will be discussed in this article.

Definition

One computer can be used by persons who have access to various parts of the information available in it. In order to differentiate access, authentication and authentication procedures are used.

In simple terms, the identification answers the question "Who needs access?", And the authentication to the question "Does he give himself for whom?".

Identification does not require any tricks, since those who want to access information openly call themselves, and authentication is a complex procedure that ensures the protection of information.

Currently, the most reliable method of authentication is the one using a token. What is a token? We answer this question below in the text.

In the technical literature, the token is defined as a small-sized device that provides information security and is used, in addition, to identify its owner. This definition gives an idea of the purpose, but still the full picture does not give such a notion as a token.

What is a token in full understanding, will be discussed further. We will give more detailed information on this topic. In the process of further development, the concept of "token" can be replaced by the word "device" in the case and in the number corresponding to the context.

Types of devices

There are the following types of devices:

• Without connection;
• With connection.

As you can see from the name, the first ones do not connect to the computer. They have a display on which, at the user's request, a number is displayed, and the last user manually enters into the computer, which provides access to the required resource.

The second must be connected to the computer wired or wirelessly. Such devices transmit the information required for identification to the computer, immediately after the connection is established, so that there is no need for manual input of information.

To connect devices using wires in the computer, you need the appropriate input, in particular, it can be a USB port.

The most known connected devices are USB tokens and smart cards.

Wireless tokens - what is it? These are devices that provide more convenient use, since devices can be, for example, in the form of key fobs, simplifying, in particular, the process of storing them.

Other functions performed by devices

From the above, you can already add at least a figurative insight into the token, what it is and how it works. However, in addition to authentication and identification, it can also:

1. Perform encryption and decryption according to encryption algorithms.
2. Provide the generation of encryption keys.
3. Create and verify the digital signature.
4. Hash data.

The Token can actually be considered a microcomputer, since it has operational and long-term memory, as well as a microprocessor.

Problems with devices

Although tokens are currently the most reliable means of authentication, they can be vulnerable. What, first of all, should be aware of such an electronic key as a token? What is a device it is possible to hack and bypass its protection.

The most understandable vulnerability is its loss. But in general, problems with data security do not arise, because if someone takes possession of the device, it will not be able to access the relevant information, because there is usually two-factor authentication.

However, a system that allows a user to authenticate via the Internet, which is not a reliable network in terms of security, can be vulnerable, since an attacker has the ability to intercept messages when exchanging two users and make arbitrary changes to them.

In general, the token says more than enough. But in addition to the presented definitions, on the Internet it is still referred to the gaming industry. On the Internet, the question "What is an incorrect token?" Is often encountered. This in overwhelming cases has nothing to do with the topic discussed above. This is, as a rule, about the elements of various games. And the issues of eliminating the corresponding problems should be solved with respect to each particular game.