📅  最后修改于: 2022-03-11 14:55:01.506000             🧑  作者: Mango
Integrity
Integrity measures protect information from unauthorized alteration. These measures provide assurance in the accuracy and completeness of data. The need to protect information includes both data that is stored on systems and data that is transmitted between systems such as email. In maintaining integrity, it is not only necessary to control access at the system level, but to further ensure that system users are only able to alter information that they are legitimately authorized to alter.
As with confidentiality protection, the protection of data integrity extends beyond intentional breaches. Effective integrity countermeasures must also protect against unintentional alteration, such as user errors or data loss that is a result of a system malfunction.
While all system owners require confidence in the integrity of their data, the finance industry has a particularly pointed need to ensure that transactions across its systems are secure from tampering. One of the most notorious financial data integrity breaches in recent times occurred in February 2016 when cyber thieves generated $1-billion in fraudulent withdrawals from the account of the central bank of Bangladesh at the Federal Reserve Bank of New York. The hackers executed an elaborate scheme that included obtaining the necessary credentials to initiate the withdrawals, along with infecting the banking system with malware that deleted the database records of the transfers and then suppressed the confirmation messages which would have alerted banking authorities to the fraud. After the scheme was discovered most of the transfers were either blocked or the funds recovered, but the thieves were still able to make off with more than $60-million.
There are many countermeasures that can be put in place to protect integrity. Access control and rigorous authentication can help prevent authorized users from making unauthorized changes. Hash verifications and digital signatures can help ensure that transactions are authentic and that files have not been modified or corrupted. Equally important to protecting data integrity are administrative controls such as separation of duties and training.