From OIAr Archive 2013
Jump to navigation Jump to search
Page maturity
This page has maturity level 3 (usable)

This is a Quality Attribute document

Document icon Integritity Version: 0.1 OIAr logo
Document type: Quality Attribute Owner:

J.A.H. Schoonderbeek

A facility's/products Integrity, denoted as a single string, determines to what degree a facility/product is armed and protected against abuse, tampering, vandalism and/or malicious input. The more countermeasures are taken, the higher the degree of integrity is that can be guaranteed. However, applying many provisions to safeguard integrity often has an important drawback: The ease of use (the 'utility-value') of a facility/product will be reduced severely. Therefore, selecting a facility/product with a certain Integrity rating should be in line with the risks that are expected/applicable.

The following classes of Integrity are defined:

ordinal value meaning
0 NS no integrity specified
10 Low the facility has a bare minimum integrity level
20 Medium the facility has an average integrity level
30 High the facility has a high level of integrity

The table below provides an overview of these classes, and summarily lists (some of) the provisions that should be made to get a facility or product rated in a certain class:

Provision 1 - Low 2 - Medium 3 - High
Identity Validation none 1-factor 2-factor
Permission Validation -
Alerting - -
Hardening - -
Physical protection (housing and/or construction) -
Management access In-band In-band encrypted Out-of-band
... more about "Integrity"
Integritity +
J.A.H. Schoonderbeek +
unspecified +
Allows value"Allows value" is a predefined property that can define a list of permissible values to restrict value assignments for a property and is provided by Semantic MediaWiki.
NS +, Low +, Medium +  and High +
Has type"Has type" is a predefined property that describes the datatype of a property and is provided by Semantic MediaWiki.