The \u201cCIA\u201d in CIA Triad is an acronym for \u201cConfidentiality, integrity, and availability not to
mistake that for the actual CIA, the Triad is often called the AIC (Chai 1).\u201d It is a \u201cmodel that is
designed to guide policies for information security within an organization (Chai 1).\u201d
Confidentiality:
Measures are designed to prevent sensitive information from unauthorized access attempts (Chai
1).\u201d
Integrity:
\u201cInvolves maintaining the consistency, accuracy and trustworthiness of data over its entire
lifecycle (Chai 1).\u201d
Availability:
\u201cInformation should be consistently and readily accessible for authorized parties (Chai 2).\u201d
Authentication:
\u201cVerifies who the user is by using a password, biometric information, etc… It is also visible and
changeable by the user to some extent (“Authentication Vs Authorization”).\u201d
Example:
\u201cBy verifying their identity, employees can gain access to a human resources (HR) application
that includes their personal pay information, vacation time, and 401K data (“Authentication Vs
Authorization”)\u201d.
Authorization:
\u201cDetermines the resources the user can access (“Authentication Vs Authorization”).\u201d \u201cOften
maintained and implemented through an organization It is neither visible nor changeable by the
user (“Authentication Vs Authorization”).\u201d
Example:
\u201cOnce their level of access is authorized, employees and HR managers can access different levels
of data based on the permissions set by the organization (“Authentication Vs Authorization”).\u201d
<\/p>\n\n\n\n
Citations
https:\/\/www.sailpoint.com\/identity-library\/difference-between-authentication-and-a
uthorization\/
What is the CIA Triad? Definition,Explanation, Examples. By Wesley Chai Chai
Article (Links to an external site.),
<\/p>\n","protected":false},"excerpt":{"rendered":"
The \u201cCIA\u201d in CIA Triad is an acronym for \u201cConfidentiality, integrity, and availability not tomistake that for the actual CIA, the Triad is often called the AIC (Chai 1).\u201d It is a \u201cmodel that isdesigned to guide policies for information security within an organization (Chai 1).\u201dConfidentiality:Measures are designed to prevent sensitive information from unauthorized access… <\/p>\n