In cryptography, a digital signature is created from the mathematical relationship between a private key and a public key. The private key, which is never shared, is used only by the signer to electronically sign documents. The public key, which is openly available, is used by the recipient of the message or by anyone who needs to validate the signer's electronic signature. Validation should confirm two things: that the data has not been tampered with, and that the message was signed by whoever claims to have signed it. A few other effective mechanisms to prevent data/message tampering are:
- Introducing data encryption at rest and data encryption in transit.
- Copy-on-write, often referred to as COW, where each time a database is modified, delta snapshots are taken. Security teams can detect data tampering by monitoring snapshots and checking for unexpected file system snapshots.
- File Integrity Monitoring (FIM), the process of monitoring files to check if any changes have been made. It assesses system files and generates a cryptographic checksum as a baseline. Then, it repeatedly recalculates the checksum of the same resources, compares it to the baseline, and if it detects changes, it generates a security alert.
- WORM (write once, read many) systems: a storage technology where data, once written, cannot be overwritten or modified.
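
The File Integrity Monitoring loop described in the list above (baseline checksum, recalculation, comparison, alert) can be sketched as follows. This is an added example, not taken from the referenced material; the function names, file names and file contents are constructed for illustration, and SHA-256 is assumed as the checksum.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Map each file's path (relative to root) to its SHA-256 checksum."""
    root = Path(root)
    return {str(p.relative_to(root)): sha256_file(p)
            for p in root.rglob("*") if p.is_file()}


def compare(baseline, current):
    """Return the alerts a FIM run would raise: modified, added, removed files."""
    return {
        "modified": sorted(p for p in baseline
                           if p in current and baseline[p] != current[p]),
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
    }


def demo():
    """Constructed sample: three files, then one edit, one delete, one new file."""
    with tempfile.TemporaryDirectory() as root:
        for name, body in [("hosts", b"127.0.0.1 localhost\n"),
                           ("app.conf", b"debug=false\n"), ("motd", b"welcome\n")]:
            Path(root, name).write_bytes(body)
        baseline = snapshot(root)  # keep this where an intruder cannot rewrite it
        Path(root, "app.conf").write_bytes(b"debug=true\n")  # content changed
        Path(root, "motd").unlink()                          # file deleted
        Path(root, "extra.sh").write_bytes(b"#!/bin/sh\n")   # file added
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

The comparison is only as trustworthy as the stored baseline, so the baseline itself is a natural candidate for the WORM storage mentioned in the list.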
Reference used:
https://www.cypressdatadefense.com/blog/data-tampering-prevention/
Birhane: compiled and organized from course material.