
Next Generation Tokenization for Compliance and Cloud Data Protection
By Ulf Mattsson — ISSA member, New York Metro, USA Chapter

This article will discuss how next-generation tokenization protects data as it flows across systems while minimizing PCI compliance costs.

Abstract
Meeting PCI DSS compliance is important, but it is also imperative to understand that compliance does not equal security: PCI DSS was intended to be the floor, not the ceiling. The emergence of cloud computing has added a new wrinkle to the ongoing efforts to improve data security. This article will discuss the factors that must be considered when securing data in the Cloud, and how next-generation tokenization protects data as it flows across systems while minimizing PCI compliance costs.

Data breaches and the Cloud
The Verizon Business RISK team, in cooperation with the United States Secret Service (USSS), has been conducting annual data breach investigations, the current finding being the “2010 Data Breach Investigations Report.”1 The purpose of the report is to study the common elements and characteristics that can be found in data breaches. In six years, the Verizon Business RISK team and USSS combined dataset now spans 900+ breaches and over 900 million compromised records.

As in previous years, the 2010 report showed that nearly all data was breached from servers and online applications, with 98% of all server breaches resulting from hacking and malware as the most dominant perpetrators. Financial services, hospitality, and retail comprised the “Big Three” industries, recorded as being 33%, 23%, and 15%, respectively, of all data breaches. Targeting of financial organizations is hardly shocking, as financial records represent the nearest approximation to actual cash for the criminal. An astounding 94% of all compromised records (note: records differ from breaches2) in 2009 were attributed to financial services.

Financial firms hold large volumes of sensitive consumer data for long periods of time, and because of this, fall under very stringent government regulation requirements that require them to submit remediation validation records if data is found to be vulnerable, as well as regular compliance reports proving that they are adequately securing the data they have access to. Despite being under such stringent compliance standards, 79% of financial firms whose data had been breached failed to meet PCI DSS compliance, the minimum security measure. Thus, organizations have been searching for a solution that protects the business from endpoint to endpoint, while efficiently meeting compliance.

In addition to the constantly evolving security threats that must be mitigated, enterprises are quickly adopting cloud computing practices that add a new element to the data security conundrum. According to Gartner forecasts, worldwide revenue from use of cloud services will increase nearly 17% this year to $68.3 billion and will approach $150 billion in 2014, a 20.5% compound annual growth rate over the next five years.3

While its growing popularity is undeniable, the Cloud also has serious data security issues. In the Cloud, data moves at a faster pace and frees up on-premise network bandwidth, which is what makes it attractive. Unfortunately, those performing the data breaches recognize the Cloud’s vulnerabilities and are quickly capitalizing on them. At DEFCON 2010, one of the largest hacker conferences in the world, 100 attendees who have already hacked or have tried to hack the Cloud participated in an in-depth survey. 96% of the participants believed that the Cloud would open up more hacking opportunities for them.4 Given its rapid adoption rate, enterprises need a solution that will secure the cloud today and tomorrow.

1 “2010 Data Breach Investigations Report”— http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf.

2 Note: one compromised record is defined as the record of one individual, whereas one data breach is defined as one company’s data being breached.

3 Rob O’Regan, “UK cloud adoption picks up as CIOs adapt to new delivery model”— http://searchvirtualdatacentre.techtarget.co.uk/news/column/0,294698,sid203_gci1522118,00.html.

ISSA Journal | December 2010

32 ©2010 Information Systems Security Association • www.issa.org • All rights reserved

Encryption and tokenization
Recognizing the vulnerabilities that the Cloud faces, we must establish a way to secure data that does not hinder the benefits of the Cloud, including remote data access from anywhere with an Internet connection, quick content delivery, easily sharable content, and better version control. Two options that have been used in on-premise data security are becoming a hot debate for which is better to secure data in the cloud: encryption or tokenization. While there is no silver bullet to the data security and compliance woes of large enterprise organizations, all eyes are on tokenization right now.

The difference between end-to-end encryption and tokenization
End-to-end encryption encrypts sensitive data throughout most of its life cycle, from capture to disposal, providing strong protection of individual data fields. While it is a practical approach on the surface, encryption keys are still vulnerable to exposure, which can be very dangerous in the riskier cloud environment. Encryption also lacks versatility, as applications and databases must be able to read specific data type and length in order to decipher the original data. If a database and data length are incompatible, the text will be rendered unreadable.

Tokenization solves many of these problems. At the basic level, tokenization is different from encryption in that it is based on randomness, not on a mathematical formula, meaning it eliminates keys by replacing sensitive data with random tokens to mitigate the chance that thieves can do anything with the data if they get it. The token cannot be discerned or exploited since the only way to get back to the original value is to reference the lookup table that connects the token with the original encrypted value. There is no formula, only a lookup.

A token by definition will look like the original value in data type and length. These properties will enable it to travel inside applications, databases, and other components without modifications, resulting in greatly increased transparency. This will also reduce remediation costs to applications, databases, and other components where sensitive data lives, because the tokenized data will match the data type and length of the original.

First generation tokenization
There are compelling arguments that question the validity of this emerging technology, like those explained in Ray Zadjmool’s article, “Are Tokenization and Data Field Encryption Good for Business?” that appeared in November’s ISSA Journal.5 Zadjmool pointed out that “some early adopters are quietly discarding their tokenization and data field encryption strategies and returning to more traditional card processing integrations.” He also mentioned that there are no standards to regulate and define exactly what is and is not tokenization. What he failed to do is acknowledge that there are different forms of tokenization. It is no surprise to me that companies that have tried first generation methods have not seen the results that they were promised. Here’s why.

Currently there are two forms of tokenization available: “first generation” and “next generation.” First generation tokenization is available in two flavors: dynamic and static.

Dynamic first generation is defined by large lookup tables that assign a token value to the original encrypted sensitive data (Figure 1). These tables grow dynamically as they accept new, untokenized sensitive data. Tokens, encrypted sensitive data, and other fields that contain administrative data expand these tables, increasing the already large footprints.

Figure 1: Dynamic first generation tokenization
• Large, expanding footprint
• Complex replication
• Prone to collisions
• Latency impact on performance
• Expanding to additional categories of tokenizations multiplies the inherent problems

A variation of first generation tokenization is the pre-populated token lookup table — static first generation. This approach attempts to reduce the overhead of the tokenization process by pre-populating lookup tables with the anticipated combinations of the original sensitive data, thereby eliminating the tokenization process (Figure 2). But because the token lookup tables are pre-populated, they also carry a large footprint.

Figure 2: Pre-generated static first generation tokenization
• Large, static footprint
• No replication needed
• No collisions
• Latency impact on performance
• Faster than having to tokenize repeatedly
• Expanding to additional categories of tokenizations multiplies the inherent problems
• Practical limitations on what can be pre-generated

While these approaches offer great promise, they also introduce great challenges:

• Latency: Large token tables are not mobile. The need to use tokenization throughout the enterprise will introduce latency and thus poor performance and poor scalability.

• Replication: Dynamic token tables must always be synchronized, an expensive and complex process that may eventually lead to collisions. Complex replication requirements impact the ability to scale performance to meet business needs and to deliver high availability.

• Practical limitation on the number of data categories that can be tokenized: Consider the large lookup tables that would be needed to tokenize credit cards for a merchant. Now consider the impact of adding social security numbers, email addresses, and any other fields that may be deemed sensitive. The use of dynamic or static first generation tokenization quickly turns into an impractical solution.

4 Help Net Security — http://www.net-security.org/secworld.php?id 97 3

5 Ray Zadjmool, “Are Tokenization and Data Field Encryption Good for Business?” ISSA Journal, November 2010 — Online: http://www.bluetoad.com/publication/?i=51180; PDF: https://www.issa.org/Library/Journals/2010/November/Zadjmool-Are%20Tokenization%20and%20Data%20Field%20Encryption.pdf.
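To make the mechanics concrete for both the lookup-table model described under “The difference between end-to-end encryption and tokenization” (a random token of the same type and length, recoverable only through the table) and the dynamic first generation behaviour discussed just above (a table that grows with every value and every data category, and random draws that collide as the token space fills), here is an added example written for this edit. It is not code from the author or from Protegrity. It assumes a single in-process vault (a Python dict standing in for the token table), a constructed test card number and social security number as inputs, and it keeps the original value in the clear where a real vault would hold the encrypted original.

```python
"""Dynamic first-generation style token vault (added educational example)."""
import secrets
import string


class DynamicTokenVault:
    """The lookup table grows by one row for every new value it is asked to
    tokenize, whatever the data category (card number, SSN, e-mail, ...)."""

    def __init__(self, max_attempts=64):
        # The article's table links a token to the *encrypted* original; the
        # storage encryption is omitted here, so the dict holds the plaintext.
        self._token_to_value = {}
        self._value_to_token = {}
        self.collisions = 0            # random draws that hit a token already in use
        self.max_attempts = max_attempts

    @staticmethod
    def random_like(value):
        """Random replacement with the same length and per-position character
        class, so the token passes the column definitions and validation rules
        that were written for the original value."""
        out = []
        for ch in value:
            if ch.isdigit():
                out.append(secrets.choice(string.digits))
            elif ch.isalpha():
                pool = string.ascii_uppercase if ch.isupper() else string.ascii_lowercase
                out.append(secrets.choice(pool))
            else:
                out.append(ch)         # separators such as '-' or '@' are kept
        return "".join(out)

    def tokenize(self, value):
        if value in self._value_to_token:          # repeat input -> same token
            return self._value_to_token[value]
        for _ in range(self.max_attempts):
            token = self.random_like(value)
            if token != value and token not in self._token_to_value:
                self._token_to_value[token] = value
                self._value_to_token[value] = token
                return token
            self.collisions += 1                   # collision: draw again
        raise RuntimeError("token space exhausted; no free token found")

    def detokenize(self, token):
        # Only the table can reverse a token; an unknown token raises KeyError.
        return self._token_to_value[token]

    def footprint(self):
        """Rows in the table, i.e. what every replica would have to carry."""
        return len(self._token_to_value)


def fill_demo(width=4, count=5000):
    """Tokenize `count` distinct `width`-digit values and report how large the
    table became and how often random draws collided along the way."""
    vault = DynamicTokenVault()
    for i in range(count):
        vault.tokenize(f"{i:0{width}d}")
    return vault.footprint(), vault.collisions


if __name__ == "__main__":
    vault = DynamicTokenVault()
    pan = "4111111111111111"           # constructed test card number
    token = vault.tokenize(pan)
    print(pan, "->", token, "->", vault.detokenize(token))
    print("rows after one card and one SSN:",
          vault.tokenize("123-45-6789") and vault.footprint())   # constructed SSN
    rows, collisions = fill_demo()
    print(f"4-digit space half full: {rows} rows, {collisions} collisions")
```

Running fill_demo(4, 5000) fills half of a four-digit token space; the collision count it returns is never zero at that fill level, which is the “prone to collisions” property of Figure 1 in miniature. Every row the vault holds is also a row that has to be replicated to each token server that must resolve the same tokens, which is where the replication and latency costs listed above come from.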

Next generation tokenization
Like first generation tokenization, next generation tokenization is built around the same concept of replacing sensitive data with random tokens. However, a key differentiator of next generation tokenization is that it employs small footprint token servers that free up the process from many of the challenges faced by first generation tokenization (Figure 3).

Figure 3: Next generation tokenization (1,000,000 max entries)
• Small, static footprint
• No replication needed
• No collisions
• Little or no latency
• Fastest in the industry
• Can work in parallel environments
• Can extend to as many categories of data as required while maintaining the small footprint
• No limitations on what can be tokenized

Here are the key features of next generation tokenization:

• Distributed: Token servers with small footprints enable the distribution of the tokenization process so that token operations can be executed closer to the data. Thus, latency is eliminated or greatly reduced, depending on the deployment approach used.

• Scalable: The smaller footprint also enables the creation of farms of token servers that are based on inexpensive commodity hardware that create any scaling required by the business, without the need for complex or expensive replication.

• Versatile: Any number of different data categories ranging from credit card numbers to medical records can be tokenized without the penalty of increasing the footprint, and more data types can benefit from the transparent properties that tokens offer.

• Increased performance: Next generation tokenization has been benchmarked at approximately 200,000 tokens per second, performance metrics that are hard to achieve with first generation tokenization or encryption.

When next generation tokenization is applied strategically to enterprise applications, confidential data management and PCI audit costs are reduced and the risk of a security breach is minimized. Because authentic primary account numbers (PAN) are only required at authorization and settlement, security is immediately strengthened by the decrease of potential targets for would-be attackers. Simultaneously, PCI compliance costs are significantly decreased because tokenization brings data out of scope and eliminates the need for annual re-encryption that PCI requires with encryption strategies. Because they all need the high availability, high performance, scalability, and quick response times that it offers, next generation tokenization is well suited for the financial, retail, health care, and telecommunications industries.

As Zadjmool pointed out, standards have yet to be developed for tokenization, but the PCI Security Standards Council is in the process of creating guidance and validation documents to help provide clarity on this emerging technology. In the meantime, Visa’s “Best Practices for Tokenization”6 Version 1.0, which was published on July 14, can provide some clarity until the Council releases its own standards. But be careful, because this draft implies a “one size fits all” architectural solution open enough for botched implementations. This includes encryption pretending to be tokenization that lacks security requirements, where random-based tokenization is the only true end-to-end solution.

Conclusion
A holistic solution for data security should be based on centralized data security management that protects sensitive information throughout the entire flow of data across the enterprise, from acquisition to deletion. While no technology can guarantee 100% security, tokenization and encryption are proven to dramatically reduce the risk of credit card data loss and identity theft. Next generation tokenization in particular has the potential to help businesses protect sensitive data in the Cloud in a much more efficient and scalable manner, allowing them to lower the costs associated with compliance in ways never before imagined.

About the Author
Ulf Mattsson is the chief technology officer of Protegrity, a leader in enterprise data security management. He is commonly considered one of the founding fathers of tokenization and has been advising the industry’s top analysts and stakeholders including PCI Security Standards Council, ISACA, and Visa as they navigate the role of tokenization in payments security. Ulf is the inventor of more than 20 patents in the areas of encryption key management, policy driven data encryption, internal threat protection, data usage control, and intrusion prevention. He may be reached at ulf.mattsson@protegrity.com.

6 “Best Practices for Tokenization,” Visa — http://usa.visa.com/download/merchants/tokenization_best_practices.pdf.
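As an added illustration of the small, static footprint discussed under “Next generation tokenization” above: this is a sketch written for this edit, not Protegrity’s algorithm, which the article does not describe. Instead of one table row per protected value, a fixed set of random permutation tables is generated once and copied unchanged to every token server. Assumed for the example: one table per chunk width from 1 to 4 digits (11,110 entries in total; a 6-digit table would be the figure’s 1,000,000 entries), each input chunk chained with the previous output chunk, and a test seed that exists only so the test is repeatable (a deployment would build the tables from a system CSPRNG). Because the mapping is a bijection, tokens never collide, two servers holding the same tables agree on every token without replication, and the footprint stays the same however many values or data categories pass through.

```python
"""Small static-table tokenization (added educational example, not a vendor design)."""
import random
import secrets

MAX_WIDTH = 4   # digits per chunk; a width-6 table would have the figure's 1,000,000 entries


def _invert(perm):
    inv = [0] * len(perm)
    for i, v in enumerate(perm):
        inv[v] = i
    return inv


def build_tables(seed=None):
    """One random permutation per chunk width 1..MAX_WIDTH, built once and then
    copied to every token server. `seed` is for repeatable tests only; with no
    seed the permutations come from the operating system's CSPRNG."""
    rng = secrets.SystemRandom() if seed is None else random.Random(seed)
    tables = {}
    for w in range(1, MAX_WIDTH + 1):
        perm = list(range(10 ** w))
        rng.shuffle(perm)
        tables[w] = (perm, _invert(perm))
    return tables


def footprint(tables):
    """Entries held by a token server: constant, independent of traffic."""
    return sum(len(fwd) for fwd, _ in tables.values())


def _chunks(digits):
    """Split a digit string into MAX_WIDTH-digit chunks plus a shorter tail."""
    pos = 0
    while pos < len(digits):
        w = min(MAX_WIDTH, len(digits) - pos)
        yield w, int(digits[pos:pos + w])
        pos += w


def tokenize(digits, tables):
    """Same-length digit token. Each chunk is offset by the previous output
    chunk before the table lookup, so equal input chunks in different
    positions do not produce equal output chunks."""
    if not digits or any(c not in "0123456789" for c in digits):
        raise ValueError("numeric input only")
    out, prev = [], 0
    for w, c in _chunks(digits):
        fwd, _ = tables[w]
        t = fwd[(c + prev) % (10 ** w)]
        out.append(f"{t:0{w}d}")
        prev = t
    return "".join(out)


def detokenize(token, tables):
    """Exact inverse of tokenize: undo the lookup, then undo the chaining."""
    out, prev = [], 0
    for w, t in _chunks(token):
        _, inv = tables[w]
        c = (inv[t] - prev) % (10 ** w)
        out.append(f"{c:0{w}d}")
        prev = t
    return "".join(out)


if __name__ == "__main__":
    server_a = build_tables(seed=1234)   # test seed; two servers built alike
    server_b = build_tables(seed=1234)
    pan = "4111111111111111"             # constructed test card number
    tok = tokenize(pan, server_a)
    print(pan, "->", tok, "->", detokenize(tok, server_b))
    print("table entries per server:", footprint(server_a))
```

The tables are the secret in this design: whoever holds them can reverse every token, so they need the same custody and access controls as an encryption key, and because the mapping is deterministic, two records carrying the same value receive the same token. Those are the kinds of security requirements the article says a “one size fits all” tokenization architecture leaves unstated.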
