When I started studying JWT, I was looking for a smart way to authenticate a request without querying the database each time to check whether the requester is trustworthy. I needed a token, or something similar, able to validate itself and flexible enough to let me customize the validation strategy. Imagine, for example, a web application where a user can log in and obtain a “pass” carrying his name and an expiration time: this pass lets him request resources until it expires, and only if its issuer is trusted. Thanks to JWT’s self-verification capabilities, I can discard every request whose token is invalid (a fake token not signed by my application) or expired. Beyond this specific use case, JWT is also useful for securely transmitting data to other applications.
Articles written by Alessandro Galli
Data protection is one of the most pressing and recurring problems of recent years: whether the data is users’ private information or belongs to the company we work for, the problem is always the same.
How do we protect such data from attackers who would like to, and could (!!), get hold of it?
Before arriving at a solution, though, the cases need to be split into at least two branches. On the web, data can be “obtained” at two different moments: 1) while it is in transit over the network as packets, or 2) after it has been stored (e.g. in a database or file) on one or more servers.