The CIA triad of information security is a security model that is broadly used for information that can assist them to evaluate an organization’s purposes and methods pointed at keeping its data defended. The CIA triad of information security executes defense using three principal areas associated with information systems including confidentiality, integrity, and availability. Authentication and Authorization are both terms used for security, especially when gaining access to the security systems. Both are very critical topics mainly related to being the fundamental parts of its service infrastructure.
Authentication is defined as identifying and confirming who you say you are. For example, there are multiple ways to identify yourself like passwords security tokens, cryptographic keys, and other various ways to provide recognition to the systems. Authorization however is deciding if you have permission to access a resource. For example, having access to URLs, secure objects and methods, and access control list (ACLs). These two terms play a part in confidentiality which can be enforced by technical and non-technical means. A closing important principle of information security that it does not completely fit into the CIA triad because it’s forever changing and “non-repudiation”.
To sum it up, CIA Triad is all about gathering information and other various pieces of data. Even though this is considered the focus factor of the preponderance of information technology security, it assists a restricted view of the security and data that overlooks other important circumstances. Authentication is identifying and verifying whom you say you are. Authorization is determining if you have entrance to a resource. Both fall under confidentiality because confidentiality is protecting sensitive information.



Works Cited
Fruhlinger, Josh. “The CIA Triad.pdf.” Google Drive, Google, 2020, drive.google.com/file/d/1Mn3icTLG5X3W7tJjuDaohW8OscHdLOQI/view.
“What Is CIA Triad of Information Security? – Definition from Techopedia.” Techopedia.com, 2019, www.techopedia.com/definition/25830/cia-triad-of-information-security.