Endpoint data integrity
The integrity of data is the very basis of data-driven business operations. Any compromise in the integrity of context-sensitive data can potentially compromise the entire IIoT value chain. Common examples of endpoint data include raw data, configuration and log files, secrets, software libraries, and binary executables. These can be classified into:
- Data at rest (DAR), or stored data
- Data in use (DIU); that is, files and data resources used at runtime
- Data in motion (DIM); that is, data leaving the device
Integrity verification detects alterations to the data, whether intentional and malicious or unintentional. The CRC checksum has traditionally been used to verify data integrity; however, the modern threat environment demands more advanced integrity controls, because a CRC is unkeyed: an attacker who changes the data can recompute the checksum to match.
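The following is an added example, not part of the original text: it checks the same altered configuration record against a CRC-32 and against a keyed tag, showing that the recomputed CRC is accepted while the keyed tag is rejected. HMAC-SHA256, the sample configuration bytes and the key are assumptions chosen for illustration; the text does not name a specific control.

```python
import hashlib
import hmac
import zlib

# Constructed sample data: a device configuration file and an altered copy.
ORIGINAL = b"setpoint_max=80\nvalve_mode=auto\n"
TAMPERED = b"setpoint_max=95\nvalve_mode=auto\n"

# Constructed demo key. On a real endpoint it would live in a TPM or a
# protected key store, never next to the data it protects.
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def crc_tag(data: bytes) -> bytes:
    """Unkeyed CRC-32: anyone who holds the data can compute it."""
    return zlib.crc32(data).to_bytes(4, "big")


def hmac_tag(data: bytes, key: bytes) -> bytes:
    """Keyed HMAC-SHA256: a valid tag cannot be computed without the key."""
    return hmac.new(key, data, hashlib.sha256).digest()


def verify_crc(data: bytes, tag: bytes) -> bool:
    return crc_tag(data) == tag


def verify_hmac(data: bytes, tag: bytes, key: bytes) -> bool:
    # compare_digest is constant-time, so a mismatch leaks no position.
    return hmac.compare_digest(hmac_tag(data, key), tag)


def demo() -> dict:
    """Check records as a device would when reading them back from storage."""
    stored_mac = hmac_tag(ORIGINAL, DEVICE_KEY)
    keyless_mac = hmac_tag(TAMPERED, b"not-the-device-key")
    return {
        "crc_original": verify_crc(ORIGINAL, crc_tag(ORIGINAL)),
        # Data altered and CRC recomputed over the new bytes: still passes.
        "crc_altered_recomputed": verify_crc(TAMPERED, crc_tag(TAMPERED)),
        "hmac_original": verify_hmac(ORIGINAL, stored_mac, DEVICE_KEY),
        # Data altered, old tag left in place: rejected.
        "hmac_altered_old_tag": verify_hmac(TAMPERED, stored_mac, DEVICE_KEY),
        # Data altered, tag recomputed without the device key: rejected.
        "hmac_altered_wrong_key": verify_hmac(TAMPERED, keyless_mac, DEVICE_KEY),
    }


if __name__ == "__main__":
    for check, passed in demo().items():
        print(f"{check}: {'accepted' if passed else 'rejected'}")
```

The keyed check is only as strong as the protection of the key, which is why the key belongs in hardware or a protected store rather than in the same file system as the data.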
DAR integrity can be achieved by securely storing the secrets in hardware/TPM, or by using specialized software-enabled stores...