{"id":282,"date":"2025-09-25T18:47:20","date_gmt":"2025-09-25T18:47:20","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/dom-davis07\/?p=282"},"modified":"2025-09-25T18:47:20","modified_gmt":"2025-09-25T18:47:20","slug":"the-cia-triad-and-the-difference-of-authentication-and-authorization","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/dom-davis07\/2025\/09\/25\/the-cia-triad-and-the-difference-of-authentication-and-authorization\/","title":{"rendered":"The CIA Triad and The Difference of Authentication and Authorization"},"content":{"rendered":"Within this paper there will be a description of the CIA Triad and the difference between authentication and authorization. The CIA triad is considered a model designed for guiding information on security policies. Its acronym stands for confidentiality, integrity, and availability which will be further discussed.

What is the CIA Triad?

\tThe CIA triad is a fundamental concept for information security; it represents three key principles. Confidentiality, integrity, and availability all have their purposes for maintaining security. The first component, confidentiality, ensures that sensitive information is protected from unauthorized access. According to \u201cFortinet.com\u201d a key component of maintaining confidentiality is making sure that people without proper authorization are prevented from accessing assets important to your business. (Fortinet.com). The second key principle being integrity; its function is to maintain the accuracy and completeness of data. It also helps prevent unwanted changes or deletion. Integrity involves making sure your data is trustworthy and free from tampering. The integrity of your data is maintained only if the data is authentic, accurate, and reliable. (Fortinet.com). Lastly, availability in the CIA triad deals with guaranteeing authorized users can access reliable information quickly. This is important because without availability, systems cannot be maintained, and individuals cannot access data. Systems, networks, and applications must be functioning as they should and when they should. Also, individuals with access to specific information must be able to consume it when they need to, and getting to the data should not take an inordinate amount of time. (Fortinet.com)
Differences Between Authentication and Authorization
Authentication and Authorization are two specific security processes with key differences. Authentication deals with verifying an individual\u2019s identity through certain processes. An example of this would be passwords or biometric scans or a real-world example, when you go through security in an airport, you show your ID to authenticate your identity. (Auth0 Docs). Authorization deals with an individual\u2019s access to information or clearance. In relation to the first example at an airport, you present your boarding pass to the flight attendant, so they can authorize you to board your flight and allow access to the plane. (AuthoO Docs). To put it simply, authentication answers the \u201cWho are you?\u201d, while authorization is \u201cWhat are you allowed to do?\u201d.

Conclusion
\tIn conclusion, the CIA triad and the difference between authentication and authorization are important to the security strategy. The CIA Triad ensures that data is protected, using the key components of confidentiality, integrity, and availability. Authentication\u2019s key difference to authorization is it deals with the verification of an individual\u2019s identity or credentials and authorization deals with what someone has access to. Understanding these principles an organization can protect their information by maintaining trust and using these processes to identify potential risks in our interconnected world.
\t


References
What is the CIA triad and why is it important?. Fortinet. (n.d.). https:\/\/www.fortinet.com\/resources\/cyberglossary\/cia-triad
Tech Target
GeeksforGeeks. (2025, August 28). Authentication vs authorization. https:\/\/www.geeksforgeeks.org\/computer-networks\/difference-between-authentication-and-authorization\/
Auth0. (n.d.). Authentication vs. authorization. Auth0 Docs. https:\/\/auth0.com\/docs\/get-started\/identity-fundamentals\/authentication-and-authorization
","protected":false},"excerpt":{"rendered":"

Within this paper there will be a description of the CIA Triad and the difference between authentication and authorization. The CIA triad is considered a model designed for guiding information on security policies. Its acronym stands for confidentiality, integrity, and availability which will be further discussed. What is the CIA Triad? The CIA triad is… <\/p>\n

Read More<\/a><\/div>\n","protected":false},"author":31576,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/dom-davis07\/wp-json\/wp\/v2\/posts\/282"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/dom-davis07\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/dom-davis07\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/dom-davis07\/wp-json\/wp\/v2\/users\/31576"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/dom-davis07\/wp-json\/wp\/v2\/comments?post=282"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/dom-davis07\/wp-json\/wp\/v2\/posts\/282\/revisions"}],"predecessor-version":[{"id":284,"href":"https:\/\/sites.wp.odu.edu\/dom-davis07\/wp-json\/wp\/v2\/posts\/282\/revisions\/284"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/dom-davis07\/wp-json\/wp\/v2\/media?parent=282"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/dom-davis07\/wp-json\/wp\/v2\/categories?post=282"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/dom-davis07\/wp-json\/wp\/v2\/tags?post=282"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}