The CIA Triad

Posted by abasc002 on

The CIA triad, also known as confidentiality, integrity, and availability, is a term invented to manage information security policies inside a company. To avoid confusion with the Central Intelligence Agency, the approach is sometimes frequently referred to as the AIC triad (availability, integrity, and confidentiality).


Confidentiality

First is confidentiality, “Confidentiality is roughly equivalent to privacy. Confidentiality measures are designed to prevent sensitive information from unauthorized access attempts.” (Chai, 1). A person’s phone number, address, medical information, and social security number are examples of confidential information. Additionally, businesses contain private information like their financial records, secrets, client information, and marketing plans.

Integrity

Second is integrity, “Integrity involves maintaining the consistency, accuracy and trustworthiness of data over its entire lifecycle.” (Chai, 1). Even when no one is looking, someone with integrity acts honestly and honorably. Two examples of displaying integrity in ordinary situations include telling a clerk that they gave you too much change or returning to the store to pay for something you forgot to pay for.

Availability

Next is availability, “Availability means information should be consistently and readily accessible for authorized parties.” (Chai, 2). Whether someone or something can be reached or used is the definition of availability. When a classmate is available to meet on a specific date to discuss a project, is an example of availability.

Authentication and Authorization

A server uses authentication when it needs to be certain of the identity of the person accessing its data or website. When a client must be certain that the server is the system, it purposes to be, the client uses authentication. The user or machine must demonstrate their identity to the server or client during authentication. A server assesses if a client has permission to use a resource or access a file through the authorization procedure. Authentication and authorization are frequently combined so that the server can identify the client making the access request.

Conclusion

To wrap it up the CIA triad, also known as confidentiality, integrity, and availability, is a concept created to direct information security policies inside a company. Authentication confirms a user’s or service’s identity, while authorization establishes their access privileges.

References

Chai, W. (2023, February 10). What is the CIA triad? definition, explanation, examples: TechTarget. WhatIs.com. Retrieved February 11, 2023, from https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA
What does integrity mean in the workplace (and why it’s important). What Does Integrity Mean in the Workplace (and Why It’s Important). (n.d.). Retrieved February 11, 2023, from https://www.betterup.com/blog/integrity-in-the-workplace#:~:text=A%20person%20with%20integrity%20behaves,showing%20integrity%20in%20everyday%20circumstances.

Leave a Reply

Your email address will not be published. Required fields are marked *