Summary: This article discusses the CIA triad, which is a model designed to guide organizations
in managing their security. It also explains the differences between authentication and
authorization as well as provides an example of each.
The CIA Triad
The CIA triad is a security model designed to help organizations protect their information. It
outlines the three core components of information security: confidentiality, integrity, and
availability. Confidentiality ensures that only authorized people can access sensitive information.
Integrity ensures that information is accurate, complete, and secure. Availability ensures that
authorized users can access the information when needed.
Authentication & Authorization
Authentication and authorization are two related but distinct concepts in information
security. Authentication is the process of verifying a user’s identity. This is usually done
through a username and password combination. Authorization, on the other hand, is the
process of granting access to resources based on a user’s identity. The user must first
be authenticated before authorization can be granted.
Example
For example, a university may use authentication to verify that a student is who they
claim to be. Once the student has been authenticated, they can then be authorized to
access various resources such as course registration or library materials.
Conclusion The CIA triad is an important