1
00:00:01,120 --> 00:00:06,970
In the last lecture, we talked about confidentiality, let us move on to integrity.

2
00:00:08,110 --> 00:00:09,420
So what is integrity?

3
00:00:10,000 --> 00:00:17,860
Well, integrity is ensuring that information is not modified when it is in storage or it is being transferred

4
00:00:17,860 --> 00:00:19,450
from one medium to another.

5
00:00:20,410 --> 00:00:25,870
Integrity also means that ensuring only authorized modifications are made.

6
00:00:25,880 --> 00:00:34,090
That is, only people who are authorized to do it can access the data or can make any changes.

7
00:00:34,720 --> 00:00:43,270
Integrity also means that ensuring that data is accurate, authentic and safe from unauthorized access

8
00:00:43,810 --> 00:00:52,650
in order for users to be able to rely on the correctness of data when the information is being processed.

9
00:00:53,170 --> 00:01:00,370
So basically, integrity means the data should only be changed by authorized people and the data should

10
00:01:00,370 --> 00:01:06,760
not be made available to be written on or to be changed by unauthorized Third-Party users or attackers.

11
00:01:07,240 --> 00:01:15,370
Now, one of the most important principles of integrity is data must be complete and intact unless and

12
00:01:15,370 --> 00:01:19,150
until it is being modified by unauthorized people.

13
00:01:20,050 --> 00:01:24,190
For example, the accounting data must be authentic.

14
00:01:24,200 --> 00:01:25,930
That is complete and exact.

15
00:01:26,380 --> 00:01:33,130
The accuracy of information is ensured by avoiding unjustified alterations of such information.

16
00:01:33,610 --> 00:01:40,120
Now, many devices manipulating data, including disk drives and other media, as well as communication

17
00:01:40,130 --> 00:01:45,310
systems, contain the devices for automatic data integrity verification.

18
00:01:46,000 --> 00:01:52,090
Data integrity controls are essential in operating systems, software and applications.

19
00:01:52,510 --> 00:01:58,630
They allow the avoidance of intentional of involuntary corruption of programs and data.

20
00:01:59,620 --> 00:02:05,990
Now, let me tell you one thing that data controls must be included in the procedures during audits.

21
00:02:06,370 --> 00:02:11,970
Now, these contribute to the reduction in the risk of error, theft and fraud.

22
00:02:12,790 --> 00:02:20,050
Data validation controls user trainings as well as controls at the operational level are good examples

23
00:02:20,050 --> 00:02:22,120
to prevent the integrity of data.

24
00:02:22,790 --> 00:02:27,820
Now, when it comes to integrity, it must be analyzed from three perspectives.

25
00:02:27,820 --> 00:02:34,210
First, being proven, someone with authority to modify from making changes and data that is previously

26
00:02:34,210 --> 00:02:38,140
stored must remain unchanged during the data transportation.

27
00:02:38,140 --> 00:02:42,260
Otherwise, you know, there's no point in maintaining the integrity of the data.

28
00:02:43,210 --> 00:02:49,150
Now data can experience damages due to storage regions, natural or intentional errors.

29
00:02:49,480 --> 00:02:55,300
And if there are any system damages now, let us have an example of the integrity.

30
00:02:56,960 --> 00:03:03,740
So this is Bob, and this is truly and, you know, Bob is trying to send something and he's trying

31
00:03:03,740 --> 00:03:09,520
to tell his account number, let's say, for example, he's trying to say Dell account number two alist.

32
00:03:09,890 --> 00:03:12,140
Meanwhile, Judy, she's very naughty.

33
00:03:12,440 --> 00:03:19,040
What she's doing is she's not allowing Bob's message to get delivered to Alice by using some malicious

34
00:03:19,040 --> 00:03:19,670
hacks.

35
00:03:19,920 --> 00:03:27,290
And meanwhile, she can read this data so she understands that, OK, Bob is sending account number

36
00:03:27,500 --> 00:03:29,260
to Alice, his account number.

37
00:03:29,270 --> 00:03:32,760
What I'll do is I'll send my account number instead.

38
00:03:33,590 --> 00:03:40,160
So here the order, the data that is original account number of Bob is getting altered and is getting

39
00:03:40,160 --> 00:03:41,660
replaced with Trute.

40
00:03:42,230 --> 00:03:46,980
In this case, the integrity of the data is being violated.

41
00:03:47,690 --> 00:03:55,100
This is mean that not this account number is supposed to be only changed by Bob or it is only to be

42
00:03:55,100 --> 00:03:56,790
known by Alice.

43
00:03:57,200 --> 00:04:03,500
So in this case, Trudy can access this data, which means there is a loss of confidentiality as well

44
00:04:03,500 --> 00:04:10,640
as Stuart is able to modify it and then send the next message to Alice with her own account number.

45
00:04:11,090 --> 00:04:14,370
So this is also the violation of integrity principle.

46
00:04:15,050 --> 00:04:17,810
I hope you understand the integrity principle.

47
00:04:18,200 --> 00:04:25,580
And in the next lecture, we will talk about the third and the most important principle of the elements

48
00:04:25,580 --> 00:04:27,050
of information security.

49
00:04:27,380 --> 00:04:28,910
That is the availability.

50
00:04:29,310 --> 00:04:31,160
I will see you in the next lecture.