The CIA Triad

The article “What is the CIA Triad? Definition, Explanation, Examples” by Wesley Chai focuses on the three main components of the CIA triad, which are confidentiality, integrity, and availability. The article also touches on the importance and examples of the CIA triad.

Description of the CIA Triad

The acronym CIA stands for confidentiality, integrity, and availability. To avoid confusion with the Central Intelligence Agency, the approach is also frequently referred to as the AIC triad (availability, integrity, and confidentiality). The purpose of confidentiality protection measures is to prevent unauthorized access to sensitive information. Data is commonly categorized according to the extent and kind of damage that may be done if it ends up in the wrong hands. More or less stringent restrictions can then be put into place using these classifications. Integrity means making sure that data is reliable, accurate, and consistent over its entire existence. Data must not be changed while in transit, and precautions must be taken to prevent unauthorized parties from changing it. Availability means that authorized parties should have constant and easy access to information. Hardware, technical systems, and infrastructure that store and display the information must be properly maintained to accomplish this.

Difference between Authentication and Authorization

Simply defined, the process of confirming someone’s identity is known as authentication, whereas the process of confirming a user’s access to particular programs, files, and data is known as authorization. Authentication and authorization serve the same functions in the digital world. Authentication is needed to make sure users are who they say they are: it validates the user’s identity. Passwords, one-time PINs, biometric data, and other data that the user provides or enters are used for authentication. For example, employees can receive access to a human resources application that includes their personal pay information, vacation time, and 401K data by verifying their identification. What resources a user can access depends on authorization. The organization sets up and manages the settings that are used for authorization. For example, employees and HR managers can access various levels of data depending on the permissions provided by the company once their level of access has been allowed (SailPoint, 2023).
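The HR application scenario above can be sketched in code. This is an added example, not taken from the cited articles: the user names, passwords, roles, and function names are all constructed for illustration, and it assumes a simple role-based permission table.

```python
import hashlib
import hmac
import os

def _hash(password: str, salt: bytes) -> bytes:
    # Slow, salted hash so stored credentials are not reusable if leaked.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _make_user(password: str, role: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash(password, salt), "role": role}

# Constructed sample accounts (hypothetical names and passwords).
USERS = {
    "alice": _make_user("alice-passphrase", "employee"),
    "bob": _make_user("bob-passphrase", "hr_manager"),
}

# Authorization settings managed by the organization: role -> allowed (action, scope).
PERMISSIONS = {
    "employee": {("read", "own")},
    "hr_manager": {("read", "own"), ("read", "any")},
}

def authenticate(username: str, password: str):
    """Authentication: confirm identity. Returns the username or None."""
    user = USERS.get(username)
    # Hash even for unknown users so response time does not reveal valid names.
    candidate = _hash(password, user["salt"] if user else b"\0" * 16)
    if user is None:
        return None
    # Constant-time comparison avoids leaking how many bytes matched.
    return username if hmac.compare_digest(candidate, user["hash"]) else None

def authorize(username: str, action: str, record_owner: str) -> bool:
    """Authorization: may this already-authenticated user act on this record?"""
    scope = "own" if username == record_owner else "any"
    role = USERS[username]["role"]
    return (action, scope) in PERMISSIONS.get(role, set())

def read_pay_record(username: str, password: str, record_owner: str) -> str:
    identity = authenticate(username, password)
    if identity is None:
        return "401 not authenticated"   # identity could not be confirmed
    if not authorize(identity, "read", record_owner):
        return "403 not authorized"      # identity confirmed, access denied
    return f"200 pay record of {record_owner}"
```

The two failure results are deliberately distinct: a wrong password fails authentication, while a valid employee asking for a colleague's record passes authentication and fails authorization.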

Conclusion

The CIA triad is composed of confidentiality, integrity, and availability. These are the most fundamental and crucial elements of cybersecurity. Confidentiality is a system of rules that restricts access to information, while integrity ensures that the information is trustworthy and correct, and availability ensures that authorized people have consistent access to the information. Authentication is the process of confirming someone’s identity, while authorization is the process of confirming a user’s access to certain programs.

References

Google. (n.d.-b). What is the CIA triad_ definition, explanation, examples – techtarget.pdf. Google Drive. https://drive.google.com/file/d/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l/view

What is the difference between authentication and authorization? SailPoint. (2023, March 7). https://www.sailpoint.com/identity-library/difference-between-authentication-and-authorization/#:~:text=Simply%20put%2C%20authentication%20is%20the,people%20can%20come%20on%20board
