Definitions of the pertinent concepts used in this article:
Authenticity: Property that ensures that the identity of a subject or resource is, in fact, the real identity claimed. It applies to individuals (users), but also to other entities (applications, processes, systems, etc.).
Integrity: Methods of ensuring that data is real, accurate, consistent and safeguarded from unauthorized modification.
Non-Repudiation: To repudiate means to deny. Therefore, non-repudiation refers to the assurance that someone cannot deny having done something (sent a message, accessed a file, made a change).
Irrevocability: Something done in such a way that it cannot be undone, revoked, repealed or annulled. In IT security, it translates to keeping a record of everything done on a network that cannot later be altered or erased.
First, let's talk about authenticity. The whole concept revolves around the ability of people, or any other entities, to prove they are who they claim to be. Today, authentication takes the form of one or more of these methods (the authentication factors):
- To know something (Ex.: password)
- To possess something (Ex.: token)
- To be someone/something (Ex.: biometrics)
- To do something (Ex.: swipe pattern)
- To be somewhere (Ex.: geolocation)
This is where strong authentication comes in. With multi-factor authentication, we raise the confidence that the authenticated identity really belongs to the entity claiming it. The era when everyone in a company used the same credentials to access the network is gone; now we need to ensure that one account is bound to one entity. This is essential for non-repudiation, but not enough to provide it on its own. We still need another piece of information: proof that the data attributed to that entity has not been changed.

Secondly, time to talk about integrity. How can we be sure that data is real? Tools and methods exist to provide exactly that: digital signatures, cryptographic hashes and file integrity monitoring products such as Tripwire detect unauthorized modification, and backups give a known-good copy to compare against and restore from.

If we have certainty of both the authenticity of an entity and the integrity of the data in question, we have achieved non-repudiation. Thus, we can conclude that:

--> Authenticity AND Integrity => Non-Repudiation

One caveat matters in practice: the integrity mechanism must be bound to something only that entity controls. A digital signature made with a private key held only by the signer gives this. A hash or HMAC computed with a secret that the verifier also holds proves authenticity and integrity to the verifier, but the verifier could have produced it just as well, so the signer can still deny it.

Now, irrevocability should also be implemented as a means of IT security (and even company-wide security). It is a must to keep records of all actions, like file creation, access, update and deletion, as well as actions taken against the network from outside. These records must be protected from later alteration, and they should be audited and reviewed to ensure that no malicious actions took place.

Auditing privileged accounts is of great importance, but effectively auditing operations on crucial files is important as well. I heard about someone who works in the health department of some country (kept private). The person accessed a medical file and thus accessed information about a celebrity (kept private). But, of course, there is a label system that raises an alarm as soon as the person accesses the file.

So, with the irrevocability of the file access history and the non-repudiation assuring the agency that the person cannot deny having accessed the file, actions were taken against the employee, and disciplinary steps were taken as well.

This is why recording all actions performed on the network irrevocably, and auditing those records, is so important. Plus, having achieved non-repudiation assures that the entity who did something cannot deny having done so.

Thanks for reading and please comment about your experiences as well :)
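Returning to the claim that authenticity and integrity together give non-repudiation: the difference between an integrity check bound to a shared secret and one bound to a private key can be shown in a few lines. The Go program below is an added example written for this article, not code from the original post; it uses only the standard library's crypto/hmac and crypto/ed25519, and the audit record strings, the user name alice and the role of the verifying server are constructed for illustration. A verifier holding the shared HMAC key can mint a valid tag over a record alice never produced, while a verifier holding only alice's public key cannot forge her signature, and any change to the signed record is detected.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Record is a constructed sample of the data whose origin we want to prove:
// an audit event claiming that alice read a patient file.
var Record = []byte("2024-03-01T10:15:00Z user=alice action=read file=patient/12345")

// Forged is a constructed message the verifier would like to pin on alice.
var Forged = []byte("2024-03-01T10:16:00Z user=alice action=delete file=patient/12345")

// HMACTag computes HMAC-SHA256 over msg with a key both sender and verifier hold.
func HMACTag(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// HMACVerify accepts msg if the tag matches. This proves integrity and that
// someone holding key produced it, but the verifier holds key too.
func HMACVerify(key, msg, tag []byte) bool {
	return hmac.Equal(HMACTag(key, msg), tag)
}

// GenerateKeys returns an Ed25519 key pair; only the signer ever sees priv.
func GenerateKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // an entropy failure is not recoverable here
	}
	return pub, priv
}

// SignRecord binds msg to whoever holds priv.
func SignRecord(priv ed25519.PrivateKey, msg []byte) []byte {
	return ed25519.Sign(priv, msg)
}

// VerifyRecord checks msg against pub. It needs no secret, so anyone
// (an auditor, a court) can repeat the check later.
func VerifyRecord(pub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(pub, msg, sig)
}

// VerifierCanForgeHMAC shows the shared-secret failure: the verifier mints a
// valid tag over Forged with the same key, so a valid tag cannot prove that
// alice authored anything. Returns true when the forgery is accepted.
func VerifierCanForgeHMAC(sharedKey []byte) bool {
	tag := HMACTag(sharedKey, Forged)
	return HMACVerify(sharedKey, Forged, tag)
}

// VerifierCanForgeSignature tries the same trick with signatures: the verifier
// only has alicePub, so the best it can do is sign with a key of its own.
// Returns true when the forgery is accepted (it never is).
func VerifierCanForgeSignature(alicePub ed25519.PublicKey) bool {
	_, serverPriv := GenerateKeys()
	sig := SignRecord(serverPriv, Forged)
	return VerifyRecord(alicePub, Forged, sig)
}

func main() {
	shared := make([]byte, 32)
	if _, err := rand.Read(shared); err != nil {
		panic(err)
	}
	fmt.Println("HMAC: verifier can forge alice's record:", VerifierCanForgeHMAC(shared))

	alicePub, alicePriv := GenerateKeys()
	sig := SignRecord(alicePriv, Record)
	fmt.Println("Signature: genuine record verifies:", VerifyRecord(alicePub, Record, sig))

	tampered := append([]byte{}, Record...)
	tampered[len(tampered)-1] ^= 0x01 // integrity: flip one bit of the record
	fmt.Println("Signature: tampered record verifies:", VerifyRecord(alicePub, tampered, sig))
	fmt.Println("Signature: verifier can forge alice's record:", VerifierCanForgeSignature(alicePub))
}
```

The same reasoning is why signing keys used for non-repudiation belong in a smart card, token or HSM: if the private key can be copied to the server that verifies the signatures, the server could once again have produced them itself, and the signer regains the ability to deny.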
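The irrevocable access history described above needs its own integrity protection, otherwise the person who accessed the file could simply edit the record. One standard way to get that is a hash chain. The Go program below is an added illustration, not part of the original post or of any product named in it; the audit entries, account names and file names are constructed samples. Each entry's hash covers the previous entry's hash, so editing or deleting an entry breaks the chain, and keeping a copy of the latest hash outside the log writer's reach exposes entries silently removed from the end.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// Entry is one audit record: the authenticated account, what it did, and on what.
// Prev links it to the entry before it; Hash covers every field including Prev.
type Entry struct {
	Time, Principal, Action, Object string
	Prev                           string
	Hash                           string
}

// genesis anchors the first entry's Prev field.
const genesis = "0000000000000000000000000000000000000000000000000000000000000000"

// hashEntry serialises the fields in a fixed order with a separator that
// cannot appear in them, so two different entries never hash alike.
func hashEntry(e Entry) string {
	sum := sha256.Sum256([]byte(strings.Join([]string{e.Prev, e.Time, e.Principal, e.Action, e.Object}, "\n")))
	return hex.EncodeToString(sum[:])
}

// Log is an append-only hash chain.
type Log struct{ Entries []Entry }

// Append links a new entry to the current head and seals it with its hash.
func (l *Log) Append(time, principal, action, object string) Entry {
	prev := genesis
	if n := len(l.Entries); n > 0 {
		prev = l.Entries[n-1].Hash
	}
	e := Entry{Time: time, Principal: principal, Action: action, Object: object, Prev: prev}
	e.Hash = hashEntry(e)
	l.Entries = append(l.Entries, e)
	return e
}

// Head is the hash of the latest entry. Keep a copy where the log writer cannot
// change it (a separate system, a WORM store, a signed daily report); with it,
// Verify can also detect entries being dropped off the end.
func (l *Log) Head() string {
	if len(l.Entries) == 0 {
		return genesis
	}
	return l.Entries[len(l.Entries)-1].Hash
}

// Verify walks the chain from genesis and returns the index of the first entry
// whose contents or link do not match, -1 if the chain is intact, or
// len(Entries) if the chain is intact but its head differs from expectedHead
// (entries were removed from the end). An empty expectedHead skips that check.
func (l *Log) Verify(expectedHead string) int {
	prev := genesis
	for i, e := range l.Entries {
		if e.Prev != prev || hashEntry(e) != e.Hash {
			return i
		}
		prev = e.Hash
	}
	if expectedHead != "" && prev != expectedHead {
		return len(l.Entries)
	}
	return -1
}

// SampleLog builds a constructed three-entry log for the demonstration.
func SampleLog() *Log {
	l := &Log{}
	l.Append("2024-03-01T10:15:00Z", "alice", "read", "patient/12345")
	l.Append("2024-03-01T10:17:30Z", "alice", "read", "patient/99001")
	l.Append("2024-03-01T11:02:12Z", "bob", "update", "patient/12345")
	return l
}

func main() {
	l := SampleLog()
	head := l.Head() // the escrowed copy taken at end of day
	fmt.Println("intact chain, first bad index:", l.Verify(head))

	// 1. alice rewrites her own entry to blame bob: that entry's hash no longer matches.
	edited := SampleLog()
	edited.Entries[1].Principal = "bob"
	fmt.Println("edited entry detected at index:", edited.Verify(head))

	// 2. The middle entry is deleted: the following entry's Prev link is broken.
	dropped := SampleLog()
	dropped.Entries = append(dropped.Entries[:1], dropped.Entries[2:]...)
	fmt.Println("deleted entry detected at index:", dropped.Verify(head))

	// 3. The last entry is truncated: only the escrowed head reveals it.
	truncated := SampleLog()
	truncated.Entries = truncated.Entries[:2]
	fmt.Println("truncation without head:", truncated.Verify(""), "with head:", truncated.Verify(head))
}
```

The chain by itself does not stop someone with write access to the whole log from rewriting every hash from the tampered entry onward; what makes that visible is the escrowed head, or a digital signature over each entry made with a key the log writer does not hold. Combined with one account per entity, each entry then names an authenticated principal who cannot later deny the action, which is exactly the non-repudiation the article describes.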