Towards The Tokenization of Data
Published in
3 min readJul 29, 2022
We live in a 20th Century world of data, and where we just gather it and care little about its trustworthiness. But, there is a better way, and that’s to use signed tokens to protect and/or define trustworthiness. To protect, we can encrypt our data, and for the trustworthiness, we can use a digital signature. One of the most widely used methods for this is JSON Web Tokens (JWT).
With this we have:
- A header. This defines the token type (such as JWT) and the signing method that we will use.
- A payload. This defines the main payload data, and is defined in a simple JSON format. This might include the user’s ID, their email address, and so on. The fields are flexible and can be created for any purpose.
- A signature. This is either a public key signature (with RSA or ECDSA) or an HMAC signature (and which uses a given hashing method and a secret password).
The registered claim names are:
- “iss” (Issuer). This identifies the issuer of the token.
- “sub” (Subject). This defines the subject of the token.
- “aud” (Audience). This defines the general audience…