Securing Linux, Part 1: Introduction

By Mario Eberlein, Rene Auberger, Wolfram Andreas Richter
2005-04-21


Integrity
Data with integrity is valid and has not been changed accidentally or maliciously. Integrity should be considered when data is stored or exchanged. Data received at the destination must be an exact copy of the source data. This means that, on the one hand, physical transmission and storage media must be reliable, so that data is transferred correctly without bit errors. On the other hand, data must not be altered by unauthorized entities having access without being detected. The scope of integrity begins after the user -- the ultimate authority -- entrusts data to the system. User errors are therefore out of scope of integrity.

For network connectivity, take special care to ensure integrity, regardless of whether the network is secured (for example, by encrypting transmission) or not. Third parties with access to the transport medium may re-route or alter data in transit. The aspects of integrity referring to the physical environment of the network and the interconnected computers are not specific to Linux and are valid for any computer installation; it is therefore out of scope of this article. However, measures taken to protect data integrity on a physical level include, among other things, restricting access to computers, keeping transmission media (such as cables and connectors) protected, and avoiding power outages and electrostatic discharges (read "Building the Ideal Web Hosting Facility: A Physical Security Perspective"; see Resources for a link).

This series of articles will concentrate on security measures taken in the operating system and application environment, such as encryption and signatures, to actively ensure integrity. It will also focus on auditing mechanisms to identify loss of integrity and determine responsible parties.

Tutorial Pages:
» A Consideration of What it Means to be Secure
» Security Defined
» Integrity
» Confidentiality
» Availability
» Linux System Security
» Next in the Series
» Resources


First published by IBM DeveloperWorks

Related Tutorials: » How to Install PHP 5 on Linux » How to Install Apache 2 on Linux » How to Install MySQL 5.0 on Linux » SMB Caching » Mound --Bind » Tar Wild Card Interpretation

Tutorials AJAX ASP CGI & Perl CSS Flash HTML Illustrator Java JavaScript Linux MySQL PHP Photoshop Python Wireless XML Miscellaneous Scripts AJAX ASP ASP.NET CGI & Perl Flash Java JavaScript PHP Python Remotely Hosted Tools & Utilities XML Web Hosting Articles ASP.NET Budget Dedicated Servers Ecommerce Linux Resellers Shared Small Business Windows Developer Manuals Learn HTML Learn PHP Learn CSS Learn AJAX Learn JavaScript Learn Pear White Papers Resources Developer Tools Developer Content