Control IntegrityProtection

URI: IntegrityProtection

Description: The data is cryptographically verifiable. This may apply to a specific stored or flowing copy of the data. If applied to the data asset to which these relate. For now, we assume the data is normally encrypted after insertion of an integrity check. Encryption ensures updates are by authorised processes (in possession of a key), and thus the signature can be self-signed inside the outermost encryption. This avoids the need to model extra measures such as X509 to bind the signature to the authorised process, although it does mean the model only corresponds to embedded integrity checking information.

DataAsset

A base class for all assets representing Data. Used partly to provide a classifier for the palette.

CSG-DataFlowIntegrityProtection	Makes it possible to check that a copy of *Data* flowing from *FlowsFrom* to *FlowsTo* has not been accidentially or deliberately altered by an intermediary or in transit.
CSG-DataStorageIntegrityProtection	Makes it possible to check if the stored copy of *Data* on *Host* has been altered by an unauthorised process.

Control IntegrityProtection

Assets (1)

Control Strategies (2)