Property:Integrity

From OIAr Archive 2013
Jump to navigation Jump to search
Informational
Page maturity
This page has maturity level 3 (usable)

This is a Quality Attribute document

Document icon Integritity Version: 0.1 OIAr logo
Document type: Quality Attribute Owner:

J.A.H. Schoonderbeek



A facility's/products Integrity, denoted as a single string, determines to what degree a facility/product is armed and protected against abuse, tampering, vandalism and/or malicious input. The more countermeasures are taken, the higher the degree of integrity is that can be guaranteed. However, applying many provisions to safeguard integrity often has an important drawback: The ease of use (the 'utility-value') of a facility/product will be reduced severely. Therefore, selecting a facility/product with a certain Integrity rating should be in line with the risks that are expected/applicable.

The following classes of Integrity are defined:

ordinal value meaning
0 NS no integrity specified
10 Low the facility has a bare minimum integrity level
20 Medium the facility has an average integrity level
30 High the facility has a high level of integrity

The table below provides an overview of these classes, and summarily lists (some of) the provisions that should be made to get a facility or product rated in a certain class:

Provision 1 - Low 2 - Medium 3 - High
Identity Validation none 1-factor 2-factor
Permission Validation -
Logging/auditing
Alerting - -
Hardening - -
Physical protection (housing and/or construction) -
Management access In-band In-band encrypted Out-of-band
Showing 20 pages using this property.
The request is being processed and may take a moment. Preparing ...
{ "type": "PROPERTY_CONSTRAINT_SCHEMA", "constraints": { "type_constraint": "_txt", "allowed_values": [ "NS", "Low", "Medium", "High" ] } }