144

FFI-RAPPORT 16/00707

Security mechanisms

Integrity

The integrity of the piqlFilm that is being printed was never intact to

begin with, as the complete file of original information was never printed

onto the film in its entirety. The integrity of the logical information

stored in the Piql IT system was compromised when the alterations due

to sabotage took place.

Availability

The availability of the information is forever lost, unless the data owner

has backup copies.

Confidentiality

The confidentiality of the information was also breached the moment

state X broke through the security software of the Front-End code and

was able to access the client information to see which parts it wanted to

alter.

Immunity (against

attacks on the above

mentioned)

The Piql Preservation Services is not immune to attacks against

confidentiality, integrity and availability.

Recommendations

Recommended

protective measures

The IT security measures already in place are sound. Only a highly

resourceful threat actor would be able to perform the sabotage outlined

here. An option is to create a true air gap between the two computers’

CPUs. Although this will not stop the threat actor from gaining access

into the Piql IT system, it will make it impossible to alter the received

client data undetected. However, such a measure is an unlikely feature in

a production process, as it would make the production too inefficient.

References

Relevant literature