{"id":279,"date":"2023-12-02T05:44:17","date_gmt":"2023-12-02T05:44:17","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/?p=279"},"modified":"2023-12-02T05:48:48","modified_gmt":"2023-12-02T05:48:48","slug":"the-cia-triad","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/2023\/12\/02\/the-cia-triad\/","title":{"rendered":"The CIA Triad"},"content":{"rendered":"\n<div class=\"wp-block-group is-layout-constrained wp-block-group-is-layout-constrained\"><div class=\"wp-block-group__inner-container\">\n<p>The CIA triad describes the most basic fundamental principle of cybersecurity.<br>Authentication is validating a user\u2019s identity. Authorization approves or denies a request to<br>access certain data.<br>The CIA Triad<br>The CIA triad can be broken down into three different sides: confidentiality, integrity, and<br>availability. Confidentiality has to do with the security of private data and documents. Upkeep<br>confidentiality can be maintained through proper employee training, password requirements and<br>minimums, two-factor authentication. Integrity includes user permissions and user access to files.<br>This helps lock down files and prevent access to users, helping prevent deletion of important data<br>and documents from unauthorized users. Availability is \u201cbest ensured by rigorously maintaining<br>all hardware.\u201d (What is the CIA Triad) This can include proper upkeep of the operating system<br>and environment used and repairing hardware hastily. Availability is also about staying up to date<br>with new technology and security and safety practices. The CIA triad is most optimal for smaller<br>businesses and data categories. It struggles with big data because the volume of data is hard to<br>keep secure. This can be a problem for certain businesses such as Amazon or Meta, but also a<br>problem for the government\/military. For both the businesses and government, they are trying to<br>securely store their data and keep it away from breaches.<br>Authentication vs. Authorization<br>Authentication is validating a user&#8217;s identity before allowing access to a network or<br>system. This can be done in many different ways: basic authentication, two-factor authentication,<br>mobile authentication, and silent network authentication. Authorization approves or denies a<br>request to access certain data. \u201cGoogle Docs is a good example because once the owner finishes<br>the document, they have to decide who can view the document without giving them complete<br>unrestricted access.\u201d (Twilio) The two most common types of authorization include role-based<br>access control and attribute-based access control. Role-based access control (RBAC) allows<br>different tiers of information depending on user roles. Attribute-based access control (ABAC)<br>relies on a user\u2019s attributes to grant authorization. (Twilio) These attributes can vary from<br>someone&#8217;s security clearance level to the file owner&#8217;s desired authorization to a user (viewer vs.<br>editor).<br>Conclusion<br>The CIA Triad is pivotal in advancing cybersecurity measures within organizations. It<br>allows access and covers all areas of security so that there aren\u2019t any holes in the system.<br>Authorization is about allowing users into your system by validating their identity. Authorization<br>approves or denies the request to access data from a user based on their role or attribute.<br>References<br>Twilio. (2023b, February 22). Authentication vs. Authorization: What\u2019s the Difference? Twilio<br>Blog. https:\/\/www.twilio.com\/blog\/authentication-vs-authorization<br>What is the CIA Triad_ Definition, Explanation, Examples &#8211; TechTarget.pdf. (n.d.). Google Docs.<br>https:\/\/drive.google.com\/file\/d\/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l\/view<\/p>\n<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>The CIA triad describes the most basic fundamental principle of cybersecurity.Authentication is validating a user\u2019s identity. Authorization approves or denies a request toaccess certain data.The CIA TriadThe CIA triad can be broken down into three different sides: confidentiality, integrity, andavailability. Confidentiality has to do with the security of private data and documents. Upkeepconfidentiality can be&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/joshuaseaford\/2023\/12\/02\/the-cia-triad\/\">Read More<\/a><\/div>\n","protected":false},"author":27499,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/wp-json\/wp\/v2\/posts\/279"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/wp-json\/wp\/v2\/users\/27499"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/wp-json\/wp\/v2\/comments?post=279"}],"version-history":[{"count":5,"href":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/wp-json\/wp\/v2\/posts\/279\/revisions"}],"predecessor-version":[{"id":286,"href":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/wp-json\/wp\/v2\/posts\/279\/revisions\/286"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/wp-json\/wp\/v2\/media?parent=279"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/wp-json\/wp\/v2\/categories?post=279"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/joshuaseaford\/wp-json\/wp\/v2\/tags?post=279"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}