Demetrius Evans
CYSE 200T
February 16th 2025
Professor Duvall
The CIA Triad, Authentication, and Authorization
BLUF: The CIA (Confidentiality, Availability, Integrity) Triad is a checklist for I.T workers that creates better security.
The Triad
The C in the CIA triad stands for confidentiality, which means privacy of the data in company (Chai, 2022). Confidentiality is about securing data by limiting access to it (Fortinet, 2025). The other two components, integrity and availability, are both built around this central idea of security. Integrity is about ensuring your data is not tampered with by unauthorized people (Chai, 2022). Integrity makes sure your data remains trustworthy, reliable, and accurate (Fortinet, 2025). The last part of the triad, availability, makes sure that the appropriate parties can access or change your data (Chai, 2022). Availability is all about keeping data easily accessible to authorized parties only (Chai, 2022).
Authentication and Authorization
Authentication and authorization are two main components of availability. Authentication involves cataloging users and checking if they are who they claim (Okta, 2024). Biometrics, passwords, or pins are three examples of authentication (Okta, 2024). Authentication checks that the user has access to the requested data or resources (Okta, 2024). Authorization should require permission from the owner of the data to access it (Okta, 2024). An example of authentication and authorization would be trying to access Professor Duvall’s reading monitor. To access it, you first need to log into your google account and then your Canvas, this would be the authentication, then you would need to click on the reading monitor. If you are not logged into google using your school email, you will not have access to the monitor and either must request access or try again with your ODU email, which would be the authorization part of this example.
Conclusion
Overall, the CIA Triad, along with authentication and authorization, are the core components of cyber security. Together they provide a checklist to ensure the basic security of your data and resources.