Information at all times has been an important component of human activity. Some species of it were widespread, while access to others was limited. There have always been ways to hide part of certain information. To limit access to classified information, its carriers were located in carefully guarded places, of which only a small circle of people knew.
At present, when electronic media became information carriers, new requirements for the protection of confidential information have appeared. One of such tools will be discussed in this article.
Definition
One computer can be used by persons who have access to various parts of the information available in it. In order to differentiate access, identification and authentication procedures are used.
In simple terms, identification answers the question “Who needs access?”, And authentication answers the question “Does he impersonate himself?”.
Identification does not require any tricks, since anyone who wants to access information openly calls himself, and authentication is a complex procedure that ensures the protection of information.
Currently, the most reliable authentication method is considered one in which a token is used . What is a token? We will answer this question below.
In the technical literature, a token is defined as a small device that provides information security and is used, moreover, to identify its holder. This definition gives an idea of the purpose, but still does not give a complete picture to such a concept as a token.
What is a token in full understanding will be discussed later. We will give more detailed information on this subject. Moreover, in the process of further presentation, the concept of “token” can be replaced by the word “device” in the case and number, appropriate to the context.
Types of devices
The following types of devices are available:
- without connection;
- with connection.
As the name implies, the former do not connect to the computer. They have a display on which, at the request of the user, a number is displayed, and the last user manually enters into the computer, thereby providing access to the necessary resource.
The second should be connected to the computer by wire or wireless. Such devices transmit the information required for identification to the computer immediately after the connection is established, which eliminates the need for manual input of information.
To connect devices using wires in a computer, the corresponding input is required, in particular, it can be a USB port.
The most famous plug-in devices are USB tokens and smart cards.
Wireless tokens - what is it? These are devices that provide more convenient use, since the devices can be, for example, in the form of key rings, simplifying, in particular, the process of their storage.
Other functions performed by devices
From the above, you can already add up at least a figurative understanding of the token, what it is and how it works. However, in addition to authentication and identification, it can also:
- Perform encryption and decryption according to encryption algorithms.
- Provide encryption key generation.
- Create and verify an electronic digital signature.
- Perform data hashing.
The token can actually be considered a microcomputer, since it has operational and long-term memory, as well as a microprocessor.
Device Issues
Although tokens are currently the most reliable means of authentication, they can be vulnerable. What should you first know about an electronic key such as a token? What such a device is possible to crack and bypass its protection.
The most understandable vulnerability is its loss. But in general, there are no problems with data security, because if someone has taken possession of the device, he will not be able to access the relevant information, since there is usually two-factor authentication.
However, a system that allows a user to authenticate via the Internet, which is not a reliable network from the point of view of security, can be vulnerable, since an attacker has the ability to intercept messages when exchanging two users and make arbitrary changes to them.
In general, more than enough has been said about the token. But in addition to the definitions presented, on the Internet it is also referred to the gaming industry. On the Internet, the question "What is the wrong token?" In overwhelming cases, this is not related to the topic discussed above. It is usually about the elements of various games. And the issues of eliminating the corresponding problems should be addressed in relation to each specific game.