Category:Integrity

From OWASP
Revision as of 07:55, 3 June 2006 by Jeff Williams (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Data Integrity

In communications and data storage, it is almost always desirable to know that data is in the form it was intended to be. Data integrity checking allows one to make that determination. This generally implies authentication because the mechanism for determining that data has not been modified requires a secret possessed by the person who created the data. Proving the data has not changed in such a case is all done in the same operation as proving that the data originated with a particular sender.

For this reason, CLASP treats data integrity as a subset of data authentication. There are cases where integrity may be a separate service as authentication — such as at the physical link layer on trusted media, where errors may happen naturally but will not be security errors. These situations are extremely rare in software development.

This category currently contains no pages or media.