- What is a security token for?
- How do security keys work?
- Access security tokens remotely
- Types of security tokens
What is a security token for?
The security token is a small electronic device designed for secure two-factor authentication of users, generation and storage of encryption keys, electronic signature keys, digital certificates and other sensitive data.
Security tokens are used as intellectual key carriers and means of electronic signature in PKI systems, in systems of legally significant electronic document management and in other information systems based on electronic signature technologies. Security keys allow performing cryptographic operations in such a way that private information never leaves the device. Thus, the possibility of compromising the key is excluded and the overall security of the information system is increased.
How does a USB security key work?
As we already know, security tokens provide two-factor authentication in computer systems. In order for the authentication to be successful, at least two conditions need to be met: the user's knowledge of the PIN and the physical presence of the USB token. This provides a much higher level of security compared to traditional password authentication.
The USB security token consists of a microcontroller and built-in protected memory where user's data is securely stored. To unblock the functionality of a protected app, you just need to connect the security key to your computer so that the program can identify it.
Electronic identifiers of most modern USB tokens support the basic international standards in the field of information security. This makes it easy to integrate them into the existing information systems.
The challenge of remote access to USB tokens
Probably the most common problem you may face working with USB security keys is the inability to forward them to a virtual environment. By default, most virtual machines do not provide access to the functionality and contents of devices attached to the host machine. So, you’ll need to find the way to duplicate your device to share it between your guest and host OSes.
Certain difficulties may also appear if you try to provide access to the same USB token for multiple users over the network. If there’s token based authentication in your company and you need to share, let’s say, a bank token among several team members, you’re most likely to need a dedicated third-party tool to help you copy the device to remote computers.