The proliferation of business-critical and sensitive electronic data creates a data security challenge, especially when sensitive data is collected in geographically distant locations and stored in multiple applications and databases for later processing.
Data encryption uses an encryption key to encrypt the sensitive data. The resulting encrypted data, sometimes called cipher text, can be stored in a database. The encrypted data is generally larger than the original value, requiring more space. Storing the encryption key in the same place exposes the encrypted data to easy decryption if the database is compromised.
Another layer of security is sometimes provided in the form a token that represents or acts as a pointer to the encrypted data. Token collision occurs when the same token is assigned to represent two different items of sensitive data. Most existing token-based solutions require a centralized implementation with a single data store in order to minimize the risk of token collision, and to ensure a one-to-one relationship between a token and the sensitive data it represents. Controlling or resolving token collision is a significant challenge, especially in computing environments with multiple active domains located in distant territories. Efforts at eliminating token collision have been unsuccessful.