the assurance that an entity cannot deny a previous commitment. So not only must the data not be changed in transit, the originator must not be able to deny that the data came from them. The paternity test of data integrity. Implies [[data origin authentication]]. Cannot be achieved through [[symmetric|symmetric encryption]], because everyone has the same key - so the sender could claim they didn't send the message and the receiver falsified it, and alternatively the receiver _can_ falsify a message