Triad Definition

The CIA triad is a popular security model used to model organizations’ efforts and policies in securing their data. The model emphasizes three main principles: Confidentiality, Integrity, and Availability. Confidentiality is when only authorized users and processes can access or modify data. Integrity is data that should be maintained in a correct state, and nobody should be able to improperly modify it, either accidentally or maliciously. Availability is when authorized users access data whenever they need to do so. These three things make up the foundation of cyber security efforts and programs.

Authentication vs Authorization

Authentication is the process of identifying users and ensuring that they are who they claim to be. The most common factors to authenticate identity is a password. If the user enters the correct username and password, then their identity is valid, and the system grants access to the user.

Authorization occurs after a user’s identity has been successfully authenticated. The system can then determine the users’ permissions which then determine the resources the user may have access to. Information and resources may include databases, funds, and other critical information that may be necessary to complete their work.

Conclusion

The CIA triad is an important tool in cyber security today. It helps us narrow the focus of our efforts to maintain and protect our assigned systems. One of the many ways to do so is with authorization and authentication. Authentication is when a user enters the correct credentials, username, and password, to gain access to the system. Authorization occurs after authentication and is used to determine the permissions the user is granted, identifying which resources they have access to.

Works Cited

• https://securityboulevard.com/2020/06/authentication-vs-authorization-defined-whats-the-difference-infographic/