Integrity controls ensure that protected information is safe from unauthorized modification. They ensure that only authorized changes are made to information and that information is not maliciously or accidentally damaged. Integrity controls include the use of hash functions and file integrity monitoring software.
- [Instructor] Information security professionals must also supply controls to protect the integrity of information. As the second leg of the CIA triad, integrity controls ensure that information is not altered without authorization. Integrity controls protect an organization's information from accidental or intentional tampering that may come as the result of many different issues. Integrity failures may result from the intentional alteration of information, such as an employee altering his or her salary, or a student altering grades.
They may come from user error, such as a data entry clerk accidentally entering the wrong information into a field, or they may come from software or hardware error, such as an application or hard drive malfunctioning and writing erroneous data. Finally, they may come from acts of nature, such as a lightning strike that alters information stored on a disk. Hashing is one of the core controls used to protect integrity. A hash function is a mathematical algorithm that computes a unique digest from a file of any length.
This digest is like a fingerprint for the file. It's a short piece of data that can uniquely identify the contents of a file and tell if it's been modified. Let's take a quick look at hashing in action. Here I am going to use a common hash function called md5, short for message digest version five, along with a very simple text file, the Gettysburg Address. So this page that we're looking at, an md5 hash generator, will take any text that you type into this string field and compute the md5 hash value for that string.
I'm going to go ahead and paste the text of the Gettysburg Address into this, and as you can see, the web page already computed for me the md5 hash value of this text. This long string, beginning with 78E35 and ending with FD7, is the hash value of the text of Gettysburg Address. Now if I go back up here and make a change, let's say I change this from "Four score and seven years ago" to "Four score and eight years ago," notice that the hash value has changed to a completely different value.
If I go ahead and change this back and type "seven" again, I have that original hash value that began with 78E35 and ended with FD7. That's a major change to the file, but hash values are extremely sensitive. Notice, for example, if I take this comma after "new nation" and delete it, the hash value again changes completely. Hash values are very good at telling us if any change has been made to a file, but they can't tell us what changes were made or how significant those changes were.
Hashes can easily detect changes in a file. You can compute the hash value of a file today and then compare it to the hash value that you compute tomorrow. If the hash value hasn't changed, the file hasn't changed. If the two hashes are different, you know that some modification to the file has taken place. Hashes are the foundation for many different integrity controls. One of those is digital signatures, a control that helps us achieve the goal of non-repudiation.
Non-repudiation means that the creator of text cannot later dispute that he or she was the real originator of that text by claiming that the message was a forgery. Just as you'd sign a paper document with your physical signature, you can apply a digital signature to a digital file to achieve non-repudiation. To create a digital signature, the person signing the document first uses a hash function to create a digest of that document, and then encrypts the hash value using his or her private encryption key.
The recipient of a digitally signed message can then use the sender's public key to decrypt the signature and then compute the hash value of the message themselves and compare the values from step one and step two. If they match, the message is authentic. If they don't match, the message may have been tampered with. There's a bit more technology in this that I cover in the CISSP Security Engineering course. Digital signatures can also be used to create digital certificates.
Digital certificates are files used to provide a system or individual's public encryption key to previously unknown third parties. Organizations known as certificate authorities create these certificates and then digitally sign them to show that they are authentic. Again, I cover this in more detail in the CISSP Security Engineering course.
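The compare-today-with-tomorrow check described in the transcript, sketched as an added example that is not part of the course material: a minimal file integrity monitor that records a baseline of digests and later reports modified, added and removed files. It uses SHA-256 from Python's `hashlib` in place of the MD5 web tool shown in the demo, and the file names and contents are constructed sample data.

```python
import hashlib
import tempfile
from pathlib import Path


def file_digest(path: Path) -> str:
    """Stream a file through SHA-256 so large files are not loaded into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root: Path) -> dict[str, str]:
    """Map each file's path (relative to root) to its digest: the baseline."""
    return {p.relative_to(root).as_posix(): file_digest(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare(baseline: dict[str, str], current: dict[str, str]) -> dict[str, list[str]]:
    """Report which files were modified, added or removed since the baseline."""
    return {
        "modified": sorted(n for n in baseline.keys() & current.keys()
                           if baseline[n] != current[n]),
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
    }


def demo() -> dict[str, list[str]]:
    """Constructed sample: three small files, then one edit, one add, one delete."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "address.txt").write_text("Four score and seven years ago\n")
        (root / "grades.csv").write_text("student,grade\nalice,A\n")
        (root / "notes.txt").write_text("unchanged\n")
        baseline = snapshot(root)  # computed "today"
        (root / "address.txt").write_text("Four score and eight years ago\n")
        (root / "new.txt").write_text("unexpected file\n")
        (root / "grades.csv").unlink()
        return compare(baseline, snapshot(root))  # computed "tomorrow"


if __name__ == "__main__":
    print(demo())
```

The report names which files differ but not what changed inside them, and it is only as trustworthy as the stored baseline, so the baseline belongs somewhere the monitored system cannot rewrite it.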
Members who complete this course will be prepared to answer questions on the Security and Risk Management domain of the CISSP exam, and establish a critical foundation for the rest of their careers.
Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx.
- Aligning security with the business
- Using control frameworks
- Understanding compliance ethics
- Implementing effective security policies
- Ensuring the security of employees
- Managing risk
- Identifying threats
- Managing vendors
- Building security awareness and conducting security training