A New Approach to Enterprise Data Security: Tokenization - Page 2

Gary Palgon

Tokenization in an Enterprise

The most effective token servers combine tokenization with encryption, hashing and masking to deliver an intelligent and flexible data security strategy. Under the tokenization model, data that needs to be encrypted is passed to the token server where it is encrypted and stored in the central data vault. The token server then issues a token, which is placed into applications or databases where required. When an application or database needs access to the encrypted value, it makes a call to the token server using the token to request the full value.

Referential integrity can introduce problems where various applications (e.g., data warehouses) and databases use the sensitive data values as primary or foreign keys to run queries and to perform data analysis. When the sensitive fields are encrypted, they often impede these operations since, by definition, encryption algorithms generate randomized ciphertext - that is to say, the same plaintext value (a credit card number, for instance) does not always produce the same encrypted value. While there are methods to make it consistent, there are risks associated with removing the 'randomization' from encryption. A consistent, format-sensitive token eliminates this issue.

With format preserving tokenization, the relationship between data and token is preserved - even when encryption keys are rotated. The central data vault contains a single encrypted version of each original plain text field. This is true even when encryption keys change over time, because there is only one instance of the encrypted value in the data silo. This means the returned tokens are always consistent whenever the same data value is encrypted throughout the enterprise. Since the token server maintains a strict one-to-one relationship between the token and data value, tokens can be used as primary and foreign keys and referential integrity can be assured whenever the encrypted field is present across multiple data sets. And since records are only created once for each given data value (and token) within the data vault, storage space requirements are minimized.
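The token server model described in the two paragraphs above (encrypt a value once, store the ciphertext in the central vault, hand back a consistent format-preserving token, keep that token stable across key rotation) as an added Python illustration; this is not the author's code nor any vendor's product. The cipher here is a stand-in keystream built from HMAC-SHA256 so the example runs with only the standard library; a real token server would use an authenticated cipher such as AES-GCM and a dedicated key manager. The `TokenVault` class, its method names and the sample card numbers are all constructed for this example.

```python
import hashlib
import hmac
import secrets


class TokenVault:
    """Toy token server plus central data vault (added illustration, not a product).

    - tokens are format-preserving: same length, digits only, last four digits kept
    - one plaintext value maps to exactly one token, so tokens can act as keys
    - the vault holds one encrypted copy per value; rotating the key re-encrypts
      that copy but never changes the token handed out to applications
    """

    def __init__(self, data_key: bytes, index_key: bytes):
        self.keys = {1: data_key}          # key manager: key version -> key material
        self.current_version = 1
        self.index_key = index_key         # HMAC key for the deterministic lookup index
        self.token_by_index = {}           # HMAC(plaintext) -> token
        self.vault = {}                    # token -> (key_version, nonce, ciphertext)

    # --- stand-in cipher: HMAC-SHA256 keystream in counter mode (no integrity tag) ---
    @staticmethod
    def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
        out = b""
        counter = 0
        while len(out) < length:
            block = nonce + counter.to_bytes(4, "big")
            out += hmac.new(key, block, hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def _encrypt(self, version: int, plaintext: bytes) -> tuple:
        nonce = secrets.token_bytes(16)    # fresh nonce: ciphertext is randomized
        ks = self._keystream(self.keys[version], nonce, len(plaintext))
        return version, nonce, bytes(p ^ k for p, k in zip(plaintext, ks))

    def _decrypt(self, record: tuple) -> bytes:
        version, nonce, ciphertext = record
        ks = self._keystream(self.keys[version], nonce, len(ciphertext))
        return bytes(c ^ k for c, k in zip(ciphertext, ks))

    # --- deterministic lookup: same value -> same index, without storing plaintext ---
    def _lookup_index(self, value: str) -> str:
        return hmac.new(self.index_key, value.encode(), hashlib.sha256).hexdigest()

    def _new_token(self, value: str) -> str:
        """Random digits of the same length as the value, keeping its last four."""
        head, tail = value[:-4], value[-4:]
        while True:
            candidate = "".join(secrets.choice("0123456789") for _ in head) + tail
            if candidate != value and candidate not in self.vault:
                return candidate

    def tokenize(self, value: str) -> str:
        if not value.isdigit() or len(value) <= 4:
            raise ValueError("toy vault tokenizes numeric values longer than 4 digits")
        idx = self._lookup_index(value)
        if idx in self.token_by_index:
            return self.token_by_index[idx]       # one-to-one: reuse existing token
        token = self._new_token(value)
        self.vault[token] = self._encrypt(self.current_version, value.encode())
        self.token_by_index[idx] = token
        return token

    def detokenize(self, token: str) -> str:
        """Called by an application that holds a token and needs the full value."""
        return self._decrypt(self.vault[token]).decode()

    def rotate_key(self, new_key: bytes) -> int:
        """Install a new key version and re-encrypt the vault; tokens are unchanged."""
        self.current_version += 1
        self.keys[self.current_version] = new_key
        for token, record in list(self.vault.items()):
            plaintext = self._decrypt(record)
            self.vault[token] = self._encrypt(self.current_version, plaintext)
        return self.current_version


if __name__ == "__main__":
    # Constructed sample: two well-known test card numbers, not real accounts.
    vault = TokenVault(data_key=secrets.token_bytes(32), index_key=secrets.token_bytes(32))
    t = vault.tokenize("4111111111111111")
    print("token:", t, "same value again:", vault.tokenize("4111111111111111") == t)
    vault.rotate_key(secrets.token_bytes(32))
    print("after rotation token still resolves:", vault.detokenize(t))
```

Two design points worth noting: the lookup index is a keyed HMAC rather than a plain hash, so an attacker who reads the index table cannot brute-force sixteen-digit card numbers offline without the index key; and the vault is keyed by token, which is why applications can join on the token as a primary or foreign key while only the token server ever sees ciphertext or plaintext.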

Maintaining referential integrity is also useful for complying with European privacy laws that regulate the electronic transfer of social insurance numbers across international borders. Using tokens in place of encrypted values meets the requirements of the law, yet allows for data analysis across borders.

Tokenization in Practice

There are two scenarios where implementing a token strategy can be beneficial: to reduce the number of places sensitive encrypted data resides; and to reduce the scope of a PCI DSS audit. The hub and spoke model is the same for both. The hub contains three components: a centralized encryption key manager to manage the lifecycle of keys; a token server to encrypt data and generate tokens; and a central data vault to hold the encrypted values, or cipher text. The spokes are the endpoints where sensitive data originates such as point-of-sale terminals in retail stores or the servers in a department, call center or website.

Tokenization reduces the scope of risk, data storage requirements and changes to applications and databases, while maintaining referential integrity and streamlining the auditing process for regulatory compliance. Suited to heterogeneous IT environments that use mainframes and distributed systems for back office applications and a variety of endpoints, tokenization presents a number of benefits to CISOs tasked with protecting all types of confidential information. The higher the volume of data and the more types of sensitive data you collect and protect, the more valuable tokenization becomes.

Fortunately, incorporating tokenization requires little more than adding a token server and a central data vault. For companies that need to comply with PCI DSS, tokenization has the added advantage of taking applications, databases and systems out of scope, reducing the complexity and cost of initial compliance and annual audits.

Comments

Feb 17, 2010 11:02 PM, Jim says:
Limited time for a great deal at www.prevensys.com - full system for only $4,995.

Aug 18, 2011 4:08 PM, haleine says:
Very wonderful info can be found on web blog.

Sep 22, 2011 2:09 PM, faire revenir son ex says:
Hello, you used to write fantastic, but the last few posts have been kinda boring... I miss your great writings. Past several posts are just a little out of track! come on!
