What does "System Integrity" mean?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
System Integrity means that all components of the system cannot be tampered with by unauthorized personnel and can be verified that they work properly.
The following answers are incorrect: The software of the system has been implemented as designed.
Is incorrect because this would fall under Trusted system distribution.
Users can't tamper with processes they do not own.
Is incorrect because this would fall under Configuration Management.
Design specifications have been verified against the formal top-level specification.
Is incorrect because this would fall under Specification and verification.
References: AIOv3 Security Models and Architecture (pages 302 - 306) DOD TCSEC - http://www.cerberussystems.com/INFOSEC/stds/d520028.htm.
System Integrity refers to the assurance that a system, whether it be a hardware or software system, operates as intended and is free from unauthorized modifications, alterations, or tampering. It is a key aspect of information security and ensures that the system can be trusted to perform its functions reliably and securely.
Option A, "The software of the system has been implemented as designed," is a partial definition of system integrity as it only pertains to the software aspect of a system. System integrity, however, encompasses more than just software, and it is critical to ensure that hardware and firmware are also functioning as intended.
Option B, "Users can't tamper with processes they do not own," is a security measure that is part of maintaining system integrity, but it is not a complete definition. Limiting user access and permissions is important to protect the integrity of the system, but it is not the only measure that needs to be in place.
Option C, "Hardware and firmware have undergone periodic testing to verify that they are functioning properly," is a key aspect of system integrity. Hardware and firmware can be vulnerable to attacks and malfunctions, so it is important to regularly test and verify that they are operating as intended.
Option D, "Design specifications have been verified against the formal top-level specification," is also a key aspect of system integrity. Verifying that the design specifications match the top-level specifications ensures that the system is functioning according to its intended design and that there are no unintended changes or deviations.
In summary, System Integrity refers to ensuring that a system functions as intended and is free from unauthorized modifications or alterations. It involves testing and verifying the proper functioning of software, hardware, and firmware and ensuring that design specifications match the top-level specifications.