The CIA triad, which is also known as confidentiality, integrity, and availability, is
considered one of the most integral concepts in cyber security. It helps guide policies for
information security in organizations. It’s essentially a way to keep important information
safe. Authentication and authorization are very important to the CIA Triad. Authentication
allows systems to verify a user is who they say they are. Examples of authentication include
biometrics and security tokens. Authorization is simply put. You must have the right to
access the data. According to the article by Josh Fruhlinger, “Public–key cryptography is a
widespread infrastructure that enforces both authentication and authorization”.
(Fruhlinger, 2024)
considered one of the most integral concepts in cyber security. It helps guide policies for
information security in organizations. It’s essentially a way to keep important information
safe. Authentication and authorization are very important to the CIA Triad. Authentication
allows systems to verify a user is who they say they are. Examples of authentication include
biometrics and security tokens. Authorization is simply put. You must have the right to
access the data. According to the article by Josh Fruhlinger, “Public–key cryptography is a
widespread infrastructure that enforces both authentication and authorization”.
(Fruhlinger, 2024)
Confidentiality is all about privacy. Makes sure that access to data is only for who
it’s intended for. The more sensitive the information is, the more severe the security should
be. Some examples include encryption and two–factor authentication. Integrity is all about
maintaining the efficiency and completeness of data. The data is protected from being
altered. Some examples also include encryption and user access controls. Availability
refers to information needing to be available when needed. Hardware and software need to
be properly maintained and always functioning.
References:
Fruhlinger, J. (2024, July 12). What is the CIA triad? A principled framework for defining
infosec policies. CSO Online. https://www.csoonline.com/article/568917/the–cia–triad–
definition–components–and–examples.html
freeCodeCamp. (2020, February 1). The CIA triad – confidentiality, integrity, and availability
explained. freeCodeCamp.org. https://www.freecodecamp.org/news/the–cia–triad–
confidentiality–integrity–and–availability–explained/
Hashemi–Pour, C., & Chai, W. (2023, December 21). What is the CIA triad?: Definition from
TechTarget. WhatIs. https://www.techtarget.com/whatis/definition/Confidentiality–
integrity–and–availability–CIA