gathered from known good source (quality does not improve with age)
kept in secure manner
processed accurately
delivered via trusted method
cryptographic digital signature to authenticate source
cryptographic checksum for integrity assurance
encrypted comm.
Integrity: info has not had unauthorized modification. Not corrupted or destroyed. Authorized modifications must be audited.
Transactions: one or more events, eg. moving money account to account,
adjusting inventory, scheduling productions & shipping, coordinated &
committed as a single event.
reserve resources for unique access
comm.: reliable & confidential multiple methods among multiple
locations
rollback: remove transactions events if unsuccessful
Methods to minimize risk to accuracy:
limiting use of info: only to people & apps that need & know how to
use
verifying: compare to known good copy of info & file attributes or
checksums: calculated value that will change if file changes and is
hard to make file changes that leave checksum unchanged.
Loss of accuracy: potentially most devastating of security
incidents
can be undetected for long time
decisions made on bad info