This is in reference to my earlier blog:
http://www.urgentevoke.com/profiles/blogs/first-evoke-hack-evoke-api
To give everyone some background, I've been building WebApps for around 10 years now. I've worked as a developer all the way to a system architect. So when I made my post this morning about how to "Hack Evoke", I felt a little bad, and decided I wanted to make sure something good came out of it.
So I'm going to talk about something called Tokenization, which is a design pattern you can use in many applications, but the one I use it for is to protect against people like me when creating WebApps.
First let me say that I was shocked to see that Wikipedia did not have a section on this yet, and so I will be sure to start one. Here's the closest thing I could find on Wikipedia:
http://en.wikipedia.org/wiki/Tokenization_%28data_security%29
Anyways, tokenization is a simple principle of hiding information through an alias. Here's how it works:
1. A client comes to the server and is given a unique ID, called a token.
2. Now, whenever the client does anything or submits any information, you store that data on the server side so that it cannot be tainted.
That's pretty much it, but it is a very powerful tool to keep your data safe :)
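The two steps above as an added Python example (not code from Evoke or from the original post). `TokenStore`, the action names and the point values are assumptions made up for illustration; the tampered request shows that fields the client sends about itself never reach the stored record.

```python
import secrets

# Constructed sample values: which actions exist and what each is worth.
POINTS_PER_ACTION = {"comment": 1, "blog_post": 5}


class TokenStore:
    """Server-side records keyed by an opaque random token (hypothetical class)."""

    def __init__(self):
        self._records = {}  # token -> record; this dict never leaves the server

    def issue(self, user_id):
        # Step 1: the client is handed only a random alias. It carries no
        # data and cannot be guessed or derived from the user id.
        token = secrets.token_urlsafe(32)
        self._records[token] = {"user_id": user_id, "points": 0}
        return token

    def submit(self, token, client_fields):
        # Step 2: identity and score are read from the server-side record.
        record = self._records.get(token)
        if record is None:
            raise PermissionError("unknown token")
        # Only the action name is taken from the request; any user_id or
        # points value the client sends along is ignored.
        gained = POINTS_PER_ACTION.get(client_fields.get("action"))
        if gained is None:
            raise ValueError("unsupported action")
        record["points"] += gained
        return dict(record)  # copy, so callers cannot mutate stored state


if __name__ == "__main__":
    store = TokenStore()
    token = store.issue("alice")
    # A tampered request: the client claims to be someone else with 9999 points.
    print(store.submit(token, {"action": "comment", "user_id": "bob", "points": 9999}))
    # -> {'user_id': 'alice', 'points': 1}
```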
P.S. I'm at work now, but I'll come back to clean this up and fill in more details.