CIA Triad: Confidentiality, Integrity, and Availability in Information Security, Study Guides, Projects, Research of Network security

Detail description on different triad of information security

Typology: Study Guides, Projects, Research

2016/2017

Uploaded on 05/24/2017

gaurav-jain
gaurav-jain 🇺🇸

4.5

(4)

5 documents

1 / 1

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CIA Triad
CIA Triad is a model that guide policies for Information Security. CIA stands for
Confidentiality, Integrity and Availability. Sometimes CIA triad model is also referred as AIC
triad (Availability, Integrity and Confidentiality), so that CIA cannot be confused with the
Central Intelligence Agency. These three elements are considered the most crucial components of
security and if any one of the three are breached then it can have unexpected consequences.
Confidentiality
Confidentiality is equivalent to privacy. It is the ability to hide information from those people
who are not authorized to view data. It is the most important aspect of CIA triad but it is the one
which is attacked most often. To Ensure confidentiality of data transfer, one can use
Cryptography and Encryption methods. Any unauthorized access can lead to information
security incident.
E.g – Sharing password of iCloud with someone may lead to threat of confidential information
stored on phone.
Integrity
Integrity is the trustworthiness and accuracy of the information. Inaccurate information can lead
to devastating consequences. The data that is sent from an authorized user should be received by
authorized user as it was sent without any changes.
E.g.: Whatsapp included end to end encryption of messages in its new versions so that the
integrity is maintained.
Availability
Availability is the accessibility of information to authorized user. Availability is as important as
confidentiality and integrity. An information without access is of no use. An information should
always be available to intended user. Availability can be maintained by performing regular
maintenance on hardware and other resources.
E.g.: In 2012, Yahoo was attacked by anonymous source. Hackers stole 400000 username’s and
password’s. Due to which authorize individuals belonging to that 400000 accounts, were not able
to access their mail box.

Partial preview of the text

Download CIA Triad: Confidentiality, Integrity, and Availability in Information Security and more Study Guides, Projects, Research Network security in PDF only on Docsity!

CIA Triad

CIA Triad is a model that guide policies for Information Security. CIA stands for Confidentiality , Integrity and Availability. Sometimes CIA triad model is also referred as AIC triad (Availability, Integrity and Confidentiality), so that CIA cannot be confused with the Central Intelligence Agency. These three elements are considered the most crucial components of security and if any one of the three are breached then it can have unexpected consequences.

Confidentiality

Confidentiality is equivalent to privacy. It is the ability to hide information from those people who are not authorized to view data. It is the most important aspect of CIA triad but it is the one which is attacked most often. To Ensure confidentiality of data transfer, one can use Cryptography and Encryption methods. Any unauthorized access can lead to information security incident.

E.g – Sharing password of iCloud with someone may lead to threat of confidential information stored on phone.

Integrity

Integrity is the trustworthiness and accuracy of the information. Inaccurate information can lead to devastating consequences. The data that is sent from an authorized user should be received by authorized user as it was sent without any changes.

E.g.: Whatsapp included end to end encryption of messages in its new versions so that the integrity is maintained.

Availability

Availability is the accessibility of information to authorized user. Availability is as important as confidentiality and integrity. An information without access is of no use. An information should always be available to intended user. Availability can be maintained by performing regular maintenance on hardware and other resources.

E.g.: In 2012, Yahoo was attacked by anonymous source. Hackers stole 400000 username’s and password’s. Due to which authorize individuals belonging to that 400000 accounts, were not able to access their mail box.