Data Integrity

The data integrity service detects whether there has been unauthorized modification of data. There are two ways in which data could be altered: accidentally, as a result of hardware and transmission errors; or a deliberate attack. Many hardware devices and transmission protocols have mechanisms to detect and correct hardware and transmission errors. Therefore, the purpose of the data integrity service is to detect a deliberate attack.

The data integrity service aims only to detect whether data has been modified. It does not aim to restore data to its original state if it has been modified.

Access control mechanisms can contribute to data integrity insofar as data cannot be modified if access is denied. But, as with confidentiality, access control mechanisms alone cannot effectively contribute to data integrity when data passes through an untrusted network.

There are two aspects to data integrity within Rhapsody:

• Data integrity checks during secure communications between Rhapsody and external systems. This is primarily achieved using digital signature verification within secure transmission protocols.
• Backups of data used by Rhapsody which is persisted to disk.

For details on data integrity services that can be implemented in a Rhapsody environment, refer to:

• Managing Certificates and Keys.
• Rhapsody Server Authentication.
• Using SSL Certificates.
• TLS/SSL Support in Rhapsody.
• Message Store.
• Backup and Restore.