
Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Detail description on different triad of information security
Typology: Study Guides, Projects, Research
1 / 1
This page cannot be seen from the preview
Don't miss anything!

CIA Triad is a model that guide policies for Information Security. CIA stands for Confidentiality , Integrity and Availability. Sometimes CIA triad model is also referred as AIC triad (Availability, Integrity and Confidentiality), so that CIA cannot be confused with the Central Intelligence Agency. These three elements are considered the most crucial components of security and if any one of the three are breached then it can have unexpected consequences.
Confidentiality is equivalent to privacy. It is the ability to hide information from those people who are not authorized to view data. It is the most important aspect of CIA triad but it is the one which is attacked most often. To Ensure confidentiality of data transfer, one can use Cryptography and Encryption methods. Any unauthorized access can lead to information security incident.
E.g – Sharing password of iCloud with someone may lead to threat of confidential information stored on phone.
Integrity is the trustworthiness and accuracy of the information. Inaccurate information can lead to devastating consequences. The data that is sent from an authorized user should be received by authorized user as it was sent without any changes.
E.g.: Whatsapp included end to end encryption of messages in its new versions so that the integrity is maintained.
Availability is the accessibility of information to authorized user. Availability is as important as confidentiality and integrity. An information without access is of no use. An information should always be available to intended user. Availability can be maintained by performing regular maintenance on hardware and other resources.
E.g.: In 2012, Yahoo was attacked by anonymous source. Hackers stole 400000 username’s and password’s. Due to which authorize individuals belonging to that 400000 accounts, were not able to access their mail box.