Confidentiality refers to the protection of data, objects, and resources against unwanted sight and access. Data integrity means that it is secured against unauthorized alterations in order to be trustworthy and correct. The availability of systems and resources implies that authorized users have access to the systems and resources they require. Security also includes privacy. Privacy is the right of an individual or group not being subject to unreasonable intrusion when using information technology.
Integrity is the state or condition of being intact or whole; credibility or trustworthiness. Data integrity can be thought of as the quality of being free from defects or faults that would cause problems if others were able to view them. An integrated circuit is a fabricated semiconductor device where the components are interconnected on the same substrate. The term is most often used to describe the quality of being complete or unaltered. In information technology, data integrity means that information has not been altered in an unauthorized way. Programs should be designed to avoid allowing incorrect data to be entered because this could result in important decisions such as credit card charges or patient treatments being administered based on false information.
Data integrity issues can arise when information is modified by other than its intended recipient. For example, in e-mail a message may appear to have come from someone who did not send it. This occurs because e-mail programs allow for easy editing of text after it has been sent.
Failure to preserve confidentiality implies that someone who shouldn't have access to sensitive information has. A breach of confidentiality, whether deliberate or unintentional, can have significant consequences. The correctness and completeness of data are referred to as integrity in the area of information security.
Integrity is the ability of a system to give an accurate reflection of reality. It includes the reliability of a system to deliver its intended service without failure (i.e., no output unless there is input). System reliability depends on how well designed it is. Design involves considering what could go wrong with the system, identifying the causes of these problems, and then taking measures to prevent them from happening. Design also involves determining how to respond if something goes wrong with the system. Response involves taking actions to restore normal operation as soon as possible after detection of a problem.
An example of a system with low integrity would be one where any user can read all of another user's data. This would be easy to do if the files were stored unencrypted at rest on the hard drive. Even if the drives were encrypted, a hacker could simply break into them to obtain the decryption keys. Such a system would be very insecure because anyone could see or hear anything they wanted by just downloading the data from the disk.
A system with high integrity would require some form of authentication to ensure that only authorized users can access certain data.
Confidentiality entails avoiding disclosing personal information about others without their knowledge or permission. You may protect confidentiality by ensuring that unauthorised persons cannot access textual or electronic material.
In data processing, confidentiality refers to the rule that personnel shall not be permitted access to certain parts of an organization's computer system. Confidential information includes trade secrets, customer lists, and medical records.
The term is also applied when information is disclosed only to a limited group or individual. For example, employees of one company may be given access to confidential information from another company without violating any laws if both companies agree to the arrangement. Similarly, doctors treating patients during office hours may give out information about those patients over the phone without breaching patient confidentiality. In such cases, it is important that no identifying details are given out and that no written records are made of the conversations. Otherwise, there would be no way to verify whether the doctor had been acting in accordance with patient confidentiality.
In law enforcement, the term confidentiality is used to describe the policy of nondisclosure between investigators and suspects or witnesses. The purpose is to ensure that each person knows what role they are being asked to play and that information shared between them is kept private.