HOME

TheInfoList



Click Here for Items Related To - Honeytoken
OR:
Honeytoken on:   [Wikipedia]   [Google]   [Amazon]

Honeytokens are fictitious words or records that are added to legitimate
database In computing, a database is an organized collection of data or a type of data store based on the use of a database management system (DBMS), the software that interacts with end users, applications, and the database itself to capture and a ...
s. They allow administrators to track data in situations they wouldn't normally be able to track, such as cloud-based networks. If data is stolen, honey tokens allow administrators to identify who it was stolen from or how it was leaked. If there are three locations for medical records, different honey tokens in the form of fake medical records could be added to each location. Different honeytokens would be in each set of records. The uniqueness of Honeytokens is the ability to use it as an intrusion-detection system (IDS), as it proactively works to find suspicious activity within a computer network, alerting the system administrator to things that would otherwise go unnoticed. Along with its practice in organizations, Honeytokens provides drastic improvements to network security as Firewalls alone only can look outwardly to prevent incoming threats while Honeytokens look inwardly to see threats that may have slipped by a firewall. This is one case where they go beyond merely ensuring integrity, and with some reactive security mechanisms, may prevent the malicious activity, e.g. by dropping all packets containing the honeytoken at the router. However, such mechanisms have pitfalls because they might cause serious problems if the honeytoken was poorly chosen and appeared in otherwise legitimate network traffic, which was then dropped. In the field of
computer security Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and computer network, n ...
, honeytokens are honeypots that are not computer systems. Their value lies not in their use, but in their abuse. As such, they are a generalization of such ideas as the honeypot and the canary values often used in stack protection schemes. Honeytokens do not necessarily prevent any tampering with the data, but instead give the
administrator Administrator or admin may refer to: Job roles Computing and internet * Database administrator, a person who is responsible for the environmental aspects of a database * Forum administrator, one who oversees discussions on an Internet forum * N ...
a further measure of confidence in the data integrity. The term was first coined by Augusto Paes de Barros in 2003.


Uses

Honeytokens can exist in many forms, from a dead, fake account to a database entry that would only be selected by malicious queries, making the concept ideally suited to ensuring data integrity. A particular example of a honeytoken is a fake
email address An email address identifies an email box to which messages are delivered. While early messaging systems used a variety of formats for addressing, today, email addresses follow a set of specific rules originally standardized by the Internet Enginee ...
used to track if a mailing list has been stolen.


See also

* Honeypot *
Fictitious entry Fictitious or fake entries are deliberately incorrect entries in reference works such as Dictionary, dictionaries, encyclopedias, maps, and directories, added by the editors as #Copyright traps, copyright traps to reveal subsequent plagiarism or ...
*
Trap street In cartography, a trap street is a fictitious entry in the form of a misrepresented street on a map, often outside the area the map nominally covers, for the purpose of "trapping" potential plagiarists of the map who, if caught, would be unable ...


References

{{computer-security-stub Computer network security