The IT Law Wiki
Register
Advertisement

Definitions[]

Computer security[]

Integrity is

the assurance that data are protected against unauthorized modification or destruction of information.[1]
[the] assurance that a message was not modified accidentally or deliberately in transit, by replacement, insertion or deletion.[2]
[g]uarding against improper information modification or destruction; includes ensuring the non-repudiation and authenticity of information.[3]
[the q]uality of an IS (information system) reflecting the logical correctness and reliability of the operating system; the logical completeness of the hardware and software implementing the protection mechanisms; and the consistency of the data structures and occurrence of the stored data.[4]
the property that data or information have not been altered or destroyed in an unauthorized manner.[5]
the state that exists when information is unchanged from its source and has not been accidentally or intentionally modified, altered, or destroyed.[6]
[t]he property whereby information, an information system, or a component of a system has not been modified or destroyed in an unauthorized manner.[7]

Copyright[]

See Right of integrity.

FISMA[]

Under the Federal Information Security Management Act of 2002, integrity means

guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity.[8]

A loss of integrity is the unauthorized modification or destruction of information.

General[]

Integrity is "[s]ound, unimpaired or perfect condition."[9]

Information[]

Integrity is

the security of information — protection of the information from unauthorized unanticipated, or unintentional modification — to prevent information from being compromised through corruption or falsification.[10]

Office of Management and Budget[]

Integrity refers to

the security of information — protection of the information from unauthorized access or revision, to ensure that the information is not compromised through corruption or falsification.[11]

Overview[]

Integrity has two facets: data integrity and system integrity.

Integrity is the attribute of information that addresses its authenticity, correctness, and reliability. Protecting and monitoring information integrity are the goals of technologies and tools that prevent tampering and detect unauthorized modification or destruction of information.

Information integrity is a prerequisite for trust throughout the IT infrastructure. Without integrity, data, information, messages, and systems cannot be trusted. Without trust in the underlying information, higher-level functionalities, including measures to protect and safeguard the system itself, cannot be relied upon.

Data integrity assures that unauthorized modification of a system’s data resources is detected and that messages or data in transit, including headers and content, are unchanged between the data’s source and destination. Data resources include system configurations, data structures, the code controlling the behavior of the operating system, and other system or application software. Integrity controls also provide non-repudiation — that is, proof of the origin and integrity of data that can be verified by a third party, which prevents an entity from successfully denying involvement in a previous action. Integrity is necessary for a system to provide reliable services, including security services. Many attacks begin by undermining system integrity.

Information integrity can be compromised through accidental or intentional action by system developers, system administrators, operations and maintenance staff, end users, routine equipment failures, or malicious actors.

References[]

See also[]

Advertisement