Chase Dickerson
February 4, 2024
<\/p>\n\n\n\n
Understanding the CIA Triad, Authentication, and Authorization<\/strong> The CIA triad is made up of these three fundamental principles Confidentiality, integrity, and Integrity deals with maintaining the accuracy and trustworthiness of data throughout its entire Availability means keeping information accessible and usable for authorized users when Together, these three concepts provide a robust foundation for comprehensive security policies, Looking closer at authentication, it kinda relies on validating credentials provided by the user. Source: Chase DickersonFebruary 4, 2024 Understanding the CIA Triad, Authentication, and Authorization The CIA triad is made up of these three fundamental principles Confidentiality, integrity, andavailability. These principles serve as the foundation for information security policies.Confidentiality is keeping sensitive information secure and private. This means using encryption,access controls, physical security measures, and other controls to prevent… <\/p>\n
<\/p>\n\n\n\n
availability. These principles serve as the foundation for information security policies.
Confidentiality is keeping sensitive information secure and private. This means using encryption,
access controls, physical security measures, and other controls to prevent unauthorized access.
We need to lock down data to keep it safe.
<\/p>\n\n\n\n
life cycle. So using error checking, data validation, backups, version control, and other
protections to prevent unauthorized modifications. We need to keep data protected and
untampered.
<\/p>\n\n\n\n
needed. This relies on having redundancy through backups and spare capacity, so the system
keeps running if something fails. It also requires regular maintenance and quick repairs to fix
bugs or hardware issues.
<\/p>\n\n\n\n
which organizations uphold through access controls, encryption, backups, and redundancy.
Now, when a user tries to log into a system, two key processes happen behind the scenes \u2013
authentication and authorization. Authentication is about verifying identity \u2013 checking that users
really are who they claim to be, typically by validating login credentials like usernames and
passwords. Authorization is different, as it establishes what authenticated users are allowed to
access or modify according to their role. For instance, a user might provide valid login details,
but authorization determines what resources they can actually see or change post-login.
In short, authentication confirms a user\u2019s identity, while authorization controls their system
access. When done right, these two elements work together to ensure users can only access
the resources they are properly authorized for \u2013 no more, no less.
<\/p>\n\n\n\n
The most common approach is username\/password, where a user enters their pre-registered
username and associated password. The system checks if this matches a user in the system. It
helps to enforce password complexity and expiration policies to ensure strong passwords.
A good example for protecting sensitive data on the internet and ensuring confidentiality is
requiring an account number or routing number for banking online. Data encryption is another
common method of ensuring confidentiality. User IDs and passwords constitute a pretty
standard procedure required for social media platforms, for example. Two-factor authentication
(2FA) is also becoming commonplace in the healthcare and financial services industries
(Hashemi-Pour & Chai, 2022).
<\/p>\n\n\n\n
https:\/\/www.techtarget.com\/whatis\/definition\/Confidentiality-integrity-and-availability-CIA<\/p>\n","protected":false},"excerpt":{"rendered":"