The CIA triad model consists of three levels of security and stands for Confidentiality, Integrity, and Availability. It is designed to protect policies within an organization.
Confidentiality: This is like privacy. It is used to prevent sensitive information from being accessed by people trying to break into your online data. Data is usually categorized by how important it is compared to other data you have, and that determines how easy or hard it is to get. Basically, this covers how assets and data are exposed to people or processes, and ensures that only the people who are supposed to have access to a resource can get it.
Integrity: This includes file permissions and other access controls. Organizations must put forth some effort to detect any data changes in these systems, which would occur because of non-human-caused events such as an electromagnetic pulse (EMP). In other words, integrity ensures that assets or data are not changed without proper authorization. This includes not only items like entries in a database server but also actions like adding a user to a network.
Availability: This covers maintaining all hardware that holds data, keeping conflicts away, and making sure you have working systems and data set up when you need to use them. Providing good communication bandwidth and preventing bottlenecks are also good tactics. Fast and adaptive disaster recovery is needed for bad scenarios where you lose everything you have on the computer. To prevent data loss, you need to have backup copies of everything. In simple terms, availability ensures that data or assets are accessible when needed. In order for work to continue, you must be able to access data when necessary.
Differences between authentication and authorization:
Authentication is when a computer or a person challenges someone to see if they are who they say they are. For example, when you want to log on to your bank and it asks for your favorite color or the name of your dog, that is authentication. Authorization determines what users can and cannot access. Usually for something like this you are going to need an access token, similar to how Duo Mobile works; that would be your access token.
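The difference can be shown in a short Python sketch. This is an added example, not part of the original text; the user `alice`, the roles, the permission names and the token format are all constructed for illustration. `authenticate` proves identity and issues a signed access token, and `authorize` decides what that token may access, rejecting any token that was altered.

```python
import hashlib, hmac, os

# Constructed sample data: the user, roles and permissions are illustrative.
SECRET = os.urandom(32)  # server-side key used to sign access tokens
ROLE_PERMS = {"teller": {"accounts:read"},
              "auditor": {"accounts:read", "logs:read"}}

def _hash(password: str, salt: bytes) -> bytes:
    # Salted, slow password hash so stored credentials stay confidential.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _make_user(password: str, role: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash(password, salt), "role": role}

USERS = {"alice": _make_user("correct horse", "teller")}

def _sign(payload: str) -> str:
    return hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()

def authenticate(username: str, password: str):
    """Authentication: prove identity. Returns an access token or None."""
    user = USERS.get(username)
    if user is None:
        return None
    if not hmac.compare_digest(_hash(password, user["salt"]), user["hash"]):
        return None
    payload = f"{username}|{user['role']}"
    return f"{payload}|{_sign(payload)}"

def authorize(token: str, permission: str) -> bool:
    """Authorization: decide what an authenticated identity may access."""
    try:
        username, role, sig = token.split("|")
    except (ValueError, AttributeError):
        return False  # malformed or missing token
    expected = _sign(f"{username}|{role}")
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False  # token was altered: integrity check failed
    return permission in ROLE_PERMS.get(role, set())
```

A user who authenticates successfully can still be refused: `alice` receives a valid token, yet a request for `logs:read` is denied because her role does not carry that permission.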