Fundamentals of Cryptography

Protecting the Integrity of Data

Data is only as valuable as long as it correct. The act of ensuring the correctness of data is referred to as data integrity. Data integrity has several meanings, but can generally be narrowed down to the following three points.

  • Only authorized users are allowed to make authorized changes to data.
  • Unauthorized users are not allowed to make unauthorized changes to data.
  • The data is internally and externally consistent.

The first two points are self explanatory. The third point is a little more complex. Internal consistency refers to the state of the data in electronic format, i.e. stored on a disk. The external consistency is the true measure of what the data represents. A simple example is an inventory database. The actual number of cans on shelf is the external consistency, and the number of cans recorded in the database is the internal consistency. Data integrity extends beyond the realm of technology and into the realm of management. Assuming that the proper controls are in place to ensure internal and external consistency, we can begin to address the technical aspects of integrity.

A violation of data integrity has happened when an unauthorized modification occurs. In technical terms, an unauthorized modification is a modification that is outside the normal operations of a computer. For example, altering an email while it’s being transmitted, or causing a buffer overflow that changes data in memory. Although it is impossible to prevent these changes, it is possible to detect them. This is achieved through a function called a one-way hash.