Authenticity

The information security objective of authenticity refers to ensuring that the information, communications and users involved in an information system are genuine and that their identity can be verified. Authenticity is crucial for establishing trust in digital interactions, as it guarantees that the data or communication comes from a legitimate source and has not been tampered with. Important key aspects of authenticity are:

Ensuring that the identities of users, systems or devices involved in an interaction are correctly verified. This prevents someone from impersonating another person or unauthorised persons from accessing or modifying data.

Ensuring that the source of the data or communication can be reliably identified and verified. This helps to establish that the data comes from a trustworthy and legitimate source.

Ensuring that the data has not been changed or manipulated during transmission. This is closely related to the goal of integrity, but also includes confirmation of the data source.

Use of cryptographic techniques such as digital signatures to verify the authenticity of documents, messages or transactions. A digital signature confirms that the data has been sent by the purported sender and has not been altered.

Use of digital certificates and PKI to authenticate the identity of users, devices or systems. Certificates link public keys to identities and are issued by trusted certification authorities (CAs).

Ensuring that a party in a communication or transaction cannot deny the authenticity of their participation. This is often achieved through mechanisms such as digital signatures