The CIA Triad represents the fundamental concept in cybersecurity. The members of this triad can be interpreted as confidentiality, integrity, and availability. Confidentiality, according to Chai, ensures that only authorized persons may use the given information. This can be done through a variety of means, such as encryption or other access controls. Integrity preserves the data in the form it was originally created or intended to be used; such techniques include hashing and digital signatures. Availability assures the possibility for authorized users to use the data or related resources when they need them\u2014implemented through redundancy and backups. In a way, the three work together towards one principle, which is the establishment of a secure information system.\u00a0<\/p>\n\n\n\n
Considering this, allow me to explain the difference between authentication and authorization. Authentication is the process whereby an identity is verified\u2014whether it is logging into a system by entering a password or providing authentication by some other means such as multifactor authentication. Authorization takes place after authentication and defines what resources a user is allowed to access. An employee may successfully authenticate into the system but needs to be in finance to be authorized to access payroll records. In short, authentication is “Who are you?” while authorization is “What are you allowed to do?”\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"
The CIA Triad represents the fundamental concept in cybersecurity. The members of this triad can be interpreted as confidentiality, integrity, and availability. Confidentiality, according to Chai, ensures that only authorized persons may use the given information. This can be done through a variety of means, such as encryption or other access controls. Integrity preserves the… <\/p>\n