The CIA Triad
The CIA Triad is a model used by organizations to guide policies for information security. The acronym CIA stands for confidentiality, integrity, and availability. In this model, confidentiality is a set of rules that limits access to information, integrity is the assurance that the information is trustworthy and accurate, and availability is a guarantee of reliable access to the information by authorized people (Chai 2022). The confidentiality concept exists to protect sensitive information that an organization holds. Preventing the release of such information is vital, and if companies are not careful, they could experience serious consequences. The concept of integrity is extremely important in an organization. If data is not accurate or trustworthy, it can cause problems with reliability and lead users to simply lose faith in the company. Availability exists so that data and information are always accessible to those authorized to view them. If data is not readily available to users, it could cause serious issues, especially if tasks need to be completed in a timely manner.
Authentication and Authorization
Authentication is the concept of determining if a user is who they claim to be (Auth0 2023). This prompts the user to provide valid credentials, such as an ID token, in order to prove their identity. Authorization is the concept of determining what a user is allowed to access (Auth0 2023). This is determined by policies and rules and provides the user with an access token. Authentication is done before authorization, and authorization can only be done after a successful authentication. A real-life example of authentication and authorization would be going through security at an airport. You show your passport or ID to authenticate your identity, then you present your boarding pass to a flight attendant to authorize you to get on the plane.
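The ordering described above, as an added example that is not part of the original essay: authenticate() checks credentials and returns a signed identity token, and authorize() evaluates policy only for a token it can verify. The users, roles, actions and function names are hypothetical, and authorize() returns an allow/deny decision rather than issuing an access token.

```python
import hashlib, hmac, secrets

SERVER_KEY = secrets.token_bytes(32)   # signs identity tokens (per process)
SALT = secrets.token_bytes(16)         # constructed; real systems salt per user

def _pw_hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

# Constructed sample data: hypothetical users, roles and actions.
USERS = {"alice": {"pw": _pw_hash("correct horse"), "role": "passenger"},
         "bob": {"pw": _pw_hash("battery staple"), "role": "crew"}}
POLICY = {"passenger": {"board_flight"},
          "crew": {"board_flight", "open_cockpit"}}

def _sign(username):
    return hmac.new(SERVER_KEY, username.encode(), hashlib.sha256).hexdigest()

def authenticate(username, password):
    """Step 1: prove identity. Returns a signed identity token, or None."""
    user = USERS.get(username)
    # Hash even for unknown users so both failure paths do similar work.
    expected = user["pw"] if user else _pw_hash("")
    ok = hmac.compare_digest(_pw_hash(password), expected)
    if user is None or not ok:
        return None
    return f"{username}.{_sign(username)}"

def authorize(identity_token, action):
    """Step 2: decide access. Refuses any token authenticate() did not issue."""
    if not isinstance(identity_token, str) or "." not in identity_token:
        return False                   # no authentication happened
    username, _, sig = identity_token.rpartition(".")
    if not hmac.compare_digest(sig.encode(), _sign(username).encode()):
        return False                   # forged or tampered identity
    role = USERS.get(username, {}).get("role")
    return action in POLICY.get(role, set())
```

An authenticated passenger is still denied actions outside their role, which is the distinction the airport analogy draws between the ID check and the boarding pass.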
References:
Auth0. “Authentication vs. Authorization.” Auth0 Docs, Auth0 Docs, 2023, auth0.com/docs/get-started/identity-fundamentals/authentication-and-authorization.
Chai, Wesley. “What Is the CIA Triad? Definition, Explanation, Examples.” Tech Target, 28 June 2022.