CIA Triad Write-Up

Bottom Line : (CIA Triad & Authentication/Authorization)
The CIA Triad (confidentiality, integrity, and availability) is an outline created to regulate an organization’s information security policies. Confidentiality refers to keeping a person or company’s data private and secure. Integrity means making sure that data is consistent, valid, and reliable. Availability refers to making information reliable and accessible to authorized parties. The CIA Triad is a fundamental framework for cybersecurity, as it guides organizations in developing security policies and in evaluating new products and technologies by focusing on these key areas.
Authentication ensures that users are who they claim they are. Authorization grants users permission to access a resource. While authentication and authorization may sound identical, they are two independent safety procedures in the world of cybersecurity.
Background :
The CIA triad concept has evolved over time. Confidentiality was first proposed in 1976 by the U.S. Air Force, while integrity was explored in a 1987 paper. The concept of availability gained popularity in 1988.
The CIA Triad consists of three key components: Confidentiality, Integrity, and Availability. Confidentiality measures prevent unauthorized access to sensitive information by categorizing data based on potential damage, allowing for more or less strict implementation. An example of confidentiality would be the Two-Factor Authentication (2FA) that is seen on most social media. Integrity ensures that data remains accurate, reliable, and credible throughout its existence, preventing alteration and illegal misuse. An example of integrity: if a company’s website includes information on executives or other staff, that information must be reliable. Availability refers to the consistent and simple availability of information for authorized parties, which involves appropriate maintenance of hardware and technical systems. An example of availability is ODU’s website: every staff member has their contact information present in case a student needs to reach out. This information is available to the public.
Authentication ensures that users are who they claim they are. For example, in order to log into different social media accounts, the app requires the individual to confirm their identity with Two-Factor Authentication. Authorization grants users permission to access a resource. Allowing someone to download a specific file from a server or granting an individual administrative access to an application would be authorization.
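The two checks can be shown as separate steps in code. The following Python sketch is an added example, not part of the original write-up; the accounts, roles, action names and the `handle` function are constructed for illustration, and the second factor is a time-based one-time password (RFC 6238).

```python
import hashlib, hmac, struct

def totp(secret, now, step=30, digits=6):
    """RFC 6238 time-based one-time password (HMAC-SHA1), a common 2FA code."""
    counter = struct.pack(">Q", int(now) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def pw_hash(password, salt):
    # Store a slow salted hash, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed accounts: (salt, password hash, TOTP secret, role)
USERS = {
    "alice": (b"salt-a", pw_hash("correct horse", b"salt-a"), b"alice-totp-secret", "admin"),
    "bob": (b"salt-b", pw_hash("battery staple", b"salt-b"), b"bob-totp-secret", "student"),
}
# Constructed policy: which role may perform which action
PERMISSIONS = {"admin": {"download_file", "manage_app"}, "student": {"download_file"}}

def authenticate(username, password, code, now):
    """Authentication: is the user who they claim to be? Both factors must match."""
    record = USERS.get(username)
    if record is None:
        return None
    salt, stored, secret, _role = record
    ok_pw = hmac.compare_digest(pw_hash(password, salt), stored)
    ok_code = hmac.compare_digest(totp(secret, now).encode(), code.encode())
    return username if ok_pw and ok_code else None

def authorize(username, action):
    """Authorization: is this already-identified user permitted to do this?"""
    role = USERS[username][3]
    return action in PERMISSIONS.get(role, set())

def handle(username, password, code, action, now):
    """HTTP-style result: 401 = not authenticated, 403 = not authorized, 200 = ok."""
    user = authenticate(username, password, code, now)
    if user is None:
        return 401
    return 200 if authorize(user, action) else 403
```

A user with valid credentials can still be refused an action (403), which is why the two procedures are independent.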
Conclusion :
The CIA Triad consists of three components to manage and safely protect data from unauthorized persons. The three components are Confidentiality, Integrity, and Availability. Although Authentication and Authorization sound similar, they are different. Authentication makes sure a person is who they say they are. Authorization is granted to a limited number of people; only those authorized people can access that information.

