Resource Integrity
From MgmtWiki
Contents
Full Title or Meme
The ability of the receiver to determine that a received resource has not be tampered with before it is used.
Context
- Where a digital device is dependent on the received resource being an exact duplicate of that produced by a trusted party, some sort of authentication code is suppled. Cryptography is used to assure that no attacker could alter the contents without the receiver detecting the alteration.
- This is also known a tamper evident protection.
Problems
Solutions
Code Signing
Sub Resource Integrity
- SRI for the browser is