{"id":310,"date":"2025-04-29T01:28:03","date_gmt":"2025-04-29T01:28:03","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/?p=310"},"modified":"2025-04-29T01:28:03","modified_gmt":"2025-04-29T01:28:03","slug":"the-cia-triad-and-differences-between-authentication-authorization","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/2025\/04\/29\/the-cia-triad-and-differences-between-authentication-authorization\/","title":{"rendered":"The CIA Triad and Differences Between Authentication &amp; Authorization"},"content":{"rendered":"\n<p><em>The CIA Triad and Access Control Mechanisms<br>This explains the CIA Triad (Confidentiality, Integrity, Availability) and distinguishes between authentication and authorization with examples.<\/em><\/p>\n\n\n\n<p class=\"has-luminous-vivid-orange-background-color has-background\"><strong><em>CIA Triad<br><\/em><\/strong>The CIA Triad is a basic framework in cybersecurity that guides how security processes should be carried out to secure information. It has three fundamental principles: confidentiality, integrity, and availability (Chai, 2022). Confidentiality protects information from unauthorized access by granting access rights only to authorized parties. A good comparison is how a young person keeps a diary, which can be accessed only by the owner or someone with a key. Confidentiality can be preserved by additional layers of security, such as encryption, strong passwords, and two-factor or multi-factor authentication (MFA). For instance, when logging in to their bank accounts, users supply passwords and answers to unique security questions to prove that they are the actual owners of their funds. Integrity concerns the accuracy and trustworthiness of information, ensuring that it is not altered by unauthorized people. 
With a written contract, for example, you wouldn&#8217;t want anyone to alter it without your consent after it was signed. To ensure integrity, checksums, hash functions, and digital signatures can be applied. Tools that verify the permissions granted to files, for instance, help ensure that software is authentic and unaltered. Availability means making sure data is accessible to anyone who is responsible for it or allowed to use it. This is typically accomplished by maintaining optimal system performance along with data backup, information categorization, and disaster recovery procedures. Cloud storage services that use redundant servers, so that consumers can access their data without disruption or loss even after a disaster, are an excellent example.<br><strong><em>Authentication vs. Authorization<br><\/em><\/strong>Although authorization and authentication are sometimes confused, they are two different processes in the field of cybersecurity (Auth0, n.d.). Authentication is the process of establishing your identity, that is, confirming that you are who you claim to be. It&#8217;s comparable to presenting identification to enter a secured building. Authentication techniques include security tokens, biometrics (facial recognition or fingerprint), and passwords. For example, you need to verify your identity by entering your login and password when attempting to access your email account. Authorization is the process of determining what actions are permitted after successful authentication (Fortinet, n.d.). It\u2019s like getting access to different rooms of a building depending on your status. Permissions are the capabilities assigned to a user account that determine the actions it can perform. 
For instance, after logging into a cloud storage app, you may be allowed to read content but not erase it, unless you are an admin.<br>All in all, understanding the CIA Triad is important for businesses and individuals who want to develop good security policies. Similarly, distinguishing between authentication and authorization is important to ensure that the right access is given to the right person and that unauthorized access is avoided. These principles can be implemented to protect data and build trust in an organization\u2019s systems.<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-background-color has-background\"><strong><em>References<br><\/em><\/strong>Chai, W. (2022). &#8220;What is the CIA Triad? Definition, Explanation, Examples.&#8221; TechTarget. Retrieved from https:\/\/www.techtarget.com\/whatis\/definition\/Confidentiality-integrity-and-availability-CIA<br>Auth0. (n.d.). &#8220;Authentication and Authorization.&#8221; Auth0 Documentation. Retrieved from https:\/\/auth0.com\/docs\/get-started\/identity-fundamentals\/authentication-and-authorization<br>Fortinet. (n.d.). &#8220;Authentication vs. Authorization.&#8221; Fortinet Cyber Glossary. Retrieved from https:\/\/www.fortinet.com\/resources\/cyberglossary\/authentication-vs-authorization<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The CIA Triad and Access Control Mechanisms. This explains the CIA Triad (Confidentiality, Integrity, Availability) and distinguishes between authentication and authorization with examples. CIA Triad: The CIA Triad is a basic framework in cybersecurity that provides a guide on how security processes should be carried out in securing information. 
It has three fundamental principles that include confidentiality, integrity, and availability&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/2025\/04\/29\/the-cia-triad-and-differences-between-authentication-authorization\/\">Read More<\/a><\/div>\n","protected":false},"author":30554,"featured_media":311,"comment_status":"open","ping_status":"open","sticky":true,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/posts\/310"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/users\/30554"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/comments?post=310"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/posts\/310\/revisions"}],"predecessor-version":[{"id":312,"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/posts\/310\/revisions\/312"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/media\/311"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/media?parent=310"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/categories?post=310"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jdaaamasheport\/wp-json\/wp\/v2\/tags?post=310"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}