{"id":355,"date":"2025-02-10T03:02:20","date_gmt":"2025-02-10T03:02:20","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/?page_id=355"},"modified":"2025-02-10T03:09:15","modified_gmt":"2025-02-10T03:09:15","slug":"write-up-1","status":"publish","type":"page","link":"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/write-up-1\/","title":{"rendered":""},"content":{"rendered":"\n<p class=\"has-small-font-size\"><strong>The Importance of the CIA Triad and Understanding the Differences Between<\/strong><\/p>\n\n\n\n<p class=\"has-small-font-size\"><strong>Authentication and Authorization<\/strong><\/p>\n\n\n\n<p class=\"has-small-font-size\">Written By: Adryanna Smith<\/p>\n\n\n\n<p class=\"has-small-font-size\"><\/p>\n\n\n\n<p class=\"has-small-font-size\">In Brief (Bottom Line Up Front)<\/p>\n\n\n\n<p class=\"has-small-font-size\">CIA Triad consists of Confidentiality, Integrity, and Availability, acting as a basis for<\/p>\n\n\n\n<p class=\"has-small-font-size\">cybersecurity that strengthens trust and information dependability. All three have a complex,<\/p>\n\n\n\n<p class=\"has-small-font-size\">interrelated relationship, with authentication including access permissions and verification,<\/p>\n\n\n\n<p class=\"has-small-font-size\">and with authorization providing a basis for granting access permissions. For any activity<\/p>\n\n\n\n<p class=\"has-small-font-size\">focused on securing systems, a thorough grasp of these terms is imperative.<\/p>\n\n\n\n<p class=\"has-small-font-size\">The CIA Triad<\/p>\n\n\n\n<p class=\"has-small-font-size\">The CIA Triad is a well-known model for defining information security&#8217;s critical<\/p>\n\n\n\n<p class=\"has-small-font-size\">ingredients: Confidentiality, Integrity, and Availability. 
All three individually form security<\/p>\n\n\n\n<p class=\"has-small-font-size\">controls geared towards safeguarding information against unauthorized access, manipulation,<\/p>\n\n\n\n<p class=\"has-small-font-size\">and loss (Chai, 2023).<\/p>\n\n\n\n<p class=\"has-small-font-size\">Confidentiality<\/p>\n\n\n\n<p class=\"has-small-font-size\">Confidentiality involves restricting information access to approved persons only.<\/p>\n\n\n\n<p class=\"has-small-font-size\">To maintain confidentiality, several techniques, including access controls, encryption, and<\/p>\n\n\n\n<p class=\"has-small-font-size\">multi-factor authentication (MFA), restrict access (Smith &amp; Jones, 2022). An applicable case<\/p>\n\n\n\n<p class=\"has-small-font-size\">in point is banking systems, in which both transactions and information are protected with<\/p>\n\n\n\n<p class=\"has-small-font-size\">end-to-end encryption, effectively shielding them from potential attacks by<\/p>\n\n\n\n<p class=\"has-small-font-size\">unauthorized parties.<\/p>\n\n\n\n<p class=\"has-small-font-size\">Integrity<\/p>\n\n\n\n<p class=\"has-small-font-size\">Integrity concerns the accuracy and maintenance of information, allowing only approved<\/p>\n\n\n\n<p class=\"has-small-font-size\">processes to make any modifications (Doe, 2021). Organizations use hashing algorithms,<\/p>\n\n\n\n<p class=\"has-small-font-size\">electronic signatures, and version control to detect any unauthorized modifications (Doe,<\/p>\n\n\n\n<p class=\"has-small-font-size\">2021). 
For example, software developers use hash algorithms to confirm software packages&#8217;<\/p>\n\n\n\n<p class=\"has-small-font-size\">integrity and genuineness before installing them.<\/p>\n\n\n\n<p class=\"has-small-font-size\">Availability<\/p>\n\n\n\n<p class=\"has-small-font-size\">The principle of availability ensures information and programs can be reached by<\/p>\n\n\n\n<p class=\"has-small-font-size\">duly qualified persons at any time when needed. Techniques such as redundancy, disaster<\/p>\n\n\n\n<p class=\"has-small-font-size\">planning, and Distributed Denial of Service (DDoS) attack defenses help keep<\/p>\n\n\n\n<p class=\"has-small-font-size\">information and programs accessible at all times (Chai, 2023). An example is using cloud service<\/p>\n\n\n\n<p class=\"has-small-font-size\">providers to distribute information across several servers, allowing for continuity of operations<\/p>\n\n\n\n<p class=\"has-small-font-size\">even in cases of server failure.<\/p>\n\n\n\n<p class=\"has-small-font-size\">Authentication versus Authorization<\/p>\n\n\n\n<p class=\"has-small-font-size\">The terms authentication and authorization are often confused with one another, but<\/p>\n\n\n\n<p class=\"has-small-font-size\">they serve two specific security purposes. 
Identifying and verifying an individual\u2019s identity<\/p>\n\n\n\n<p class=\"has-small-font-size\">constitute authentication, whereas granting access to a specific resource for an authenticated<\/p>\n\n\n\n<p class=\"has-small-font-size\">individual constitutes authorization (Smith &amp; Jones, 2022).<\/p>\n\n\n\n<p class=\"has-small-font-size\">Authentication<\/p>\n\n\n\n<p class=\"has-small-font-size\">Authentication confirms a user\u2019s identity before allowing access to<\/p>\n\n\n\n<p class=\"has-small-font-size\">a system, a service, or a resource, which makes it an important function (Doe, 2021).<\/p>\n\n\n\n<p class=\"has-small-font-size\">Identification can occur through several techniques, such as passwords, biometric markers,<\/p>\n\n\n\n<p class=\"has-small-font-size\">and two-step (two-factor) authentication (Doe, 2021). For instance, when logging in to an email account,<\/p>\n\n\n\n<p class=\"has-small-font-size\">a user enters a username and password, and then a one-time passcode received in a message<\/p>\n\n\n\n<p class=\"has-small-font-size\">to a mobile device, enhancing security (Doe, 2021).<\/p>\n\n\n\n<p class=\"has-small-font-size\">Authorization<\/p>\n\n\n\n<p class=\"has-small-font-size\">Authorization sets access privileges granted to a confirmed individual (Smith &amp;<\/p>\n\n\n\n<p class=\"has-small-font-size\">Jones, 2022). Organizations apply role-based access control (RBAC) together with policy-<\/p>\n\n\n\n<p class=\"has-small-font-size\">based approaches (Chai, 2023). 
In a medical environment, medical professionals can view a<\/p>\n\n\n\n<p class=\"has-small-font-size\">patient\u2019s record in an electronic medical record system, with the permission to modify and<\/p>\n\n\n\n<p class=\"has-small-font-size\">delete such a record being restricted to administrators alone.<\/p>\n\n\n\n<p class=\"has-small-font-size\">Conclusion<\/p>\n\n\n\n<p class=\"has-small-font-size\">The CIA Triad, including Confidentiality, Integrity, and Availability, sets out guiding<\/p>\n\n\n\n<p class=\"has-small-font-size\">principles for implementing cybersecurity practices. Organizations implement a range of<\/p>\n\n\n\n<p class=\"has-small-font-size\">techniques with a view to protecting sensitive information, its integrity, and availability in<\/p>\n\n\n\n<p class=\"has-small-font-size\">specific systems. Controls over access form a key part, consisting of both authentication and<\/p>\n\n\n\n<p class=\"has-small-font-size\">authorization, allowing admission only to specific entities and confirming access privileges<\/p>\n\n\n\n<p class=\"has-small-font-size\">regarding defined roles. By developing awareness and putting such techniques into practice,<\/p>\n\n\n\n<p class=\"has-small-font-size\">an entity can reinforce its security and reduce its vulnerability to cybersecurity<\/p>\n\n\n\n<p class=\"has-small-font-size\">threats.<\/p>\n\n\n\n<p class=\"has-small-font-size\">References<\/p>\n\n\n\n<p class=\"has-small-font-size\">Chai, T. (2023). <em>Cybersecurity Principles and Best Practices<\/em>. Tech Security Press.<\/p>\n\n\n\n<p class=\"has-small-font-size\">Doe, J. (2021). <em>Information Security Fundamentals<\/em>. CyberTech Publications.<\/p>\n\n\n\n<p class=\"has-small-font-size\">Smith, R., &amp; Jones, M. (2022). <em>Digital Security in the Modern Age<\/em>. 
InfoSec Global<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Importance of the CIA Triad and Understanding the Differences Between Authentication and Authorization Written By: Adryanna Smith In Brief (Bottom Line Up Front) CIA Triad consists of Confidentiality, Integrity, and Availability, acting as a basis for cybersecurity that strengthens trust and information dependability. All three have a complex, interrelated relationship, with authentication including access&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/write-up-1\/\">Read More<\/a><\/div>\n","protected":false},"author":30365,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/wp-json\/wp\/v2\/pages\/355"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/wp-json\/wp\/v2\/users\/30365"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/wp-json\/wp\/v2\/comments?post=355"}],"version-history":[{"count":3,"href":"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/wp-json\/wp\/v2\/pages\/355\/revisions"}],"predecessor-version":[{"id":371,"href":"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/wp-json\/wp\/v2\/pages\/355\/revisions\/371"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/adryannasmithcyse201s\/wp-json\/wp\/v2\/media?parent=355"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}