CIA Triad

Posted by mbyrd005 on

The CIA Triad stands for Confidentiality, Integrity, and Availability. The triad has nothing to do with the United States Central Intelligence Agency, but rather the main principles in which they live and work by. The Triad was formally established by 1998, however it was not created by one person alone. Because of this people have been able to put their own interpretations into the concept, as well as add more detail to the concept. The CIA Triad is so important because it is used to better understand the vast majority of security software, services, and techniques that are present in the marketplace today. These principles being placed in the form of a triad is something that is necessary in order to ensure that they are made crystal clear in their existence. There are some contrasts that are also present in the triad like requiring detailed authentication for data access would make it very difficult for people who have the right to access that information to do so, however it would ensure its confidentiality. While keeping the triad in mind when establishing information security policies allows for the team as well as the company to make an adequate decision on which element is best fit for the set of data. When thinking about cybersecurity most people tend to think about confidentiality, which includes authentication and authorization. Authentication can be defined as the process that allows systems to determine if a user is really who they claim to be. It also includes things such as passwords, security tokens, and cryptographic keys. Authorization can be defined as what determines who has the authority to access the information/data. An example of authentication would be two factor authentication or just simply entering a username and password. An example of authorization would be an authorization policy at a bank or a merchant, because anybody is allowed to go in and create an account but the authorization policy ensures that you are who you say you are in order to access it.

References

“What Is Authorization and Access Control?” ICANN, www.icann.org/news/blog/what-is-authorization-and-access-control.
Fruhlinger, Josh. “The CIA Triad.pdf.” Google Drive, Google, drive.google.com/file/d/1Mn3icTLG5X3W7tJjuDaohW8OscHdLOQI/view.

Leave a Reply

Your email address will not be published. Required fields are marked *