Integrity in Information Security
Integrity is one of the three core principles of the CIA triad. It ensures that data remains accurate, consistent, and trustworthy throughout its entire lifecycle—from creation to storage, processing, and transmission.
Integrity protects data from unauthorized modification, destruction, or corruption, whether caused by attackers, system failures, or human mistakes.
Why is Integrity Important?
Integrity is important because it ensures that information can be trusted.
- Reliable decision making: Organizations make decisions based on data. If data is incorrect, decisions will also be wrong.
- Prevents fraud and errors: Protects systems from manipulation, such as changing financial records or exam results.
- Maintains trust: Users trust systems only when data is correct and unchanged.
- Supports legal and regulatory compliance: Accurate records are required in banking, healthcare, and government systems.
Key Aspects of Integrity
- Data Accuracy: Data must correctly represent real-world values. For example, A student’s CGPA or a bank balance must be correct.
- Data Completeness: All required data must be present and not missing. For example, a hospital record should include all test results, not partial information.
- Data Consistency: Data should remain the same across different systems unless properly updated. For example, if a customer updates their phone number, it should be updated in all related systems.
Threats to Integrity
Integrity can be damaged in different ways:
- Unauthorized Data Modification: Attackers or insiders may change data without permission. Example: Changing exam marks or financial transactions illegally.
- Data Corruption (System Failure or Malware): Hardware failures, software bugs, or viruses can damage data. Example: A database crash may alter or delete important records.
- Accidental Human Error: Mistakes during data entry or processing can affect integrity. Example: Typing the wrong salary or marks in a system.
- Transmission Errors: Data may be altered during transfer over networks. Example: Network issues may cause incomplete or corrupted data packets.
How do we ensure integrity?
|
Technique
|
How it Helps
|
|
Checksums / Hash functions
|
Detect unauthorized changes during transmission or storage by verifying data signatures.
|
|
Digital signatures
|
Ensure authenticity and integrity of messages/documents.
|
|
Audit logs
|
Record changes to data so unauthorized modifications can be detected and investigated.
|
|
Access controls
|
Prevent unauthorized users from altering data.
|
|
Database integrity constraints
|
Enforce rules (e.g., no duplicate IDs, required fields).
|
|
Version control
|
Track changes and allow rollback to a valid state.
|
Best Practices for Protecting Integrity
Maintaining integrity means keeping data accurate, complete, and unchanged unless properly authorized. The following practices help achieve this:
- Implement Role-Based Access Control (RBAC): Access should be given based on a user’s role. Only authorized users should be able to modify data. It prevents unauthorized or accidental data modification. Example: a student can view results but cannot change them, a teacher can enter marks but cannot modify financial records
- Use Cryptographic Tools (Hashes & Digital Signatures): To ensure data has not been changed, cryptographic techniques are used. It ensures that data is not altered during storage or transmission.
- Hashing (Hash function): Converts data into a fixed value (hash). If data changes, the hash also changes.
- Digital Signatures (Digital signature): Verify both the identity of the sender and the integrity of the data.
Example: Software downloads verify file integrity using hash values, online transactions use digital signatures
3 Maintain Regular Backups: Data should be copied and stored securely at regular intervals. So that if data is corrupted, lost, or modified incorrectly, it can be restored to a correct version.
4. Perform Regular Audits and Integrity Checks: Systems should be monitored and checked regularly to detect any unauthorized changes. It helps detect errors, fraud, or suspicious activity early. Example: reviewing logs of who accessed or modified data, running automated checks to compare current data with original values.