Journal "Software Engineering"
a journal on theoretical and applied science and technology
ISSN 2220-3397
Issue N8 2021 year
There are three main aspects of the information security: • confidentiality; • availability; • integrity. Nowadays ensuring the confidentiality has ceased to be the dominant requirement, but privacy as an element of confidentiality (or as an independent aspect) attracts, perhaps, the greatest attention both at the legislative (personal data protection) and at the technical (depersonalization of big data) levels. The Internet of Things has defined a new level of accessibility requirements. Network access has come to the fore, without it a (too) smart kettle will not boil water. (Attempts to block some Internet resources led to similar everyday problems.) The number of entities whose integrity needs to be ensured has grown. These are data flows, hardware configurations, logistics chains, and much more. Integrity began to be understood not only as security against unauthorized modification, but also as the quality of data, their completeness and validity. This was the reason for writing this article. In our opinion, there is no systematic presentation of modern approaches to ensuring integrity in the literature and therefore it would be appropriate. It makes no sense to rank the aspects of information security according to their importance, but we would like to emphasize the role of integrity. Integrity turns out to be the most important aspect of information security in those cases when information is a "guide to action" and serves to make decisions. The prescription of medicines, prescribed medical procedures, the set and characteristics of components, the course of the technological process — all these are examples of information, the violation of the integrity of which can literally be fatal. It is also unpleasant to distort official information, whether it is the text of the law or the page of the website of a government organization. Compromising the integrity of the electronic voting process casts doubt on the legitimacy of the authorities. Unauthorized influence on financial flows leads to material losses. Distortion of navigation data can lead to accidents. The article is an overview of modern approaches to ensuring integrity as an aspect of information security. An attempt is made to analyze the relevant models, policies and security mechanisms, as well as their application in different subject areas.