Confidentiality, Integrity, and Availability (CIA) triad

CIA (Confidentiality, Integrity, and Availability) Triple is a well-known security policy development model. This model contains the following three concepts.

Confidentiality - Confidential information is accessed only by authorized personnel and not accessed by personnel who are not authorized to own them. This is a user name, password, access control list (ACL) , And security mechanisms such as encryption. It is common if information is classified according to the degree of damage that may be caused by a coincidence hand. You can implement security measures accordingly

Integrity - Please make sure the information is true and correct form for its original purpose. The recipient of the message must have the information that the author intended. Information is only edited by authorized personnel and remains in its original state. Maintain consistency using security mechanisms such as data encryption and hashing. Since data may change due to non-human events such as electromagnetic pulses (EMP) and server crashes, it is necessary to use backup process and redundant system to ensure data integrity.

Availability - to allow people and people who need it access to information and resources. It is implemented using methods such as hardware maintenance, software patch, network optimization and so on. Processes such as redundancy, failover, RAID, and high availability clusters are used to mitigate the serious impact of hardware problems. Dedicated hardware devices can be used to prevent downtime and inaccessible data due to malicious operations such as Distributed Denial of Service (DDoS) attacks.

Information security (IS) is designed to protect the confidentiality, integrity, and availability of computer system data and malicious users. Confidentiality, integrity, and availability are sometimes referred to as Information Security CIA Triple. This triple evolved to what is commonly called Parker's HEXADO, including confidentiality, possession (or management), integrity, authenticity, usability, and usability. Information security handles risk management. Anything could be dangerous or a threat to CIA trio or Parker Hexad. Confidential information must be retained - changing, changing, or forwarding without permission is forbidden. For example, a message may be changed during transmission by a person who intercepted it before reaching the intended recipient. A good encryption tool will help mitigate this security threat.

What is CIA triad? No, CIA does not refer to CIA in this case. CIA refers to confidentiality, integrity, and availability. Information confidentiality, information integrity, and information availability. Many security measures are designed to protect one or more aspects of a CIA triplet. We will explore some of them in this article. The very important part in protecting confidentiality of information is encryption. By encryption, only the right person (who knows the key) can read the information. Encryption is very common in today's environment and is found in almost all major protocols being used. A very famous example is SSL / TLS. This is a security protocol for Internet communication combined with many Internet protocols to ensure security.