The classic model of information security defines three security objectives: confidentiality, integrity, and availability. Each objective addresses a different aspect of protecting information.
Confidentiality means that protected information is not accessed by unauthorized parties. That is, only authorized persons can access confidential data. Consider your bank records. You should be able to access them, and so should the bank employees who help you complete a transaction, but no one else should. A failure of confidentiality means that someone who should not have access has obtained it, whether through intentional action or by accident. This type of confidentiality failure is also called a breach, and it often cannot be repaired. Once a secret is revealed, it cannot be made secret again. If your bank records are posted on a public website, anyone can learn your bank account number, balance, and so on, and you cannot remove this information from their minds, files, computers, and other places. Almost all major security incidents reported by the media today involve serious losses of confidentiality.
In summary, a confidentiality breach means that someone has accessed information they should not have access to.
Integrity means guaranteeing the trustworthiness of information: the information has not been changed, and its source is genuine. Imagine that you run a website that sells products. Suppose an attacker could shop on your website, maliciously change the price of your products, and buy anything at a price of their choosing. Your information (in this case, the price of the product) has been changed, and since you did not approve this change, this is an integrity failure. Another example of an integrity failure is when you try to connect to a website and a malicious attacker positioned between you and the website redirects your traffic to another website. In this case, the website you are directed to is not genuine.
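The price-tampering case above, as an added example that is not part of the original article: a checkout that trusts the price submitted by the client, beside one that verifies an HMAC tag over the cart and takes prices from the server's own catalogue. The catalogue, key, cart layout and function names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data (assumptions): server-side catalogue and signing key.
CATALOG = {"sku-1001": 4999, "sku-2002": 1250}  # unit prices in cents
SECRET_KEY = b"demo-key-not-for-production"


def sign_cart(cart: dict) -> str:
    """Return an HMAC-SHA256 tag over a canonical encoding of the cart."""
    payload = json.dumps(cart, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(SECRET_KEY, payload, hashlib.sha256).hexdigest()


def verify_cart(cart: dict, tag: str) -> bool:
    """True only if the cart encodes to exactly what the server signed."""
    return hmac.compare_digest(sign_cart(cart), tag)


def checkout_trusting_client(cart: dict) -> int:
    """Weak: charges whatever unit price the client submitted."""
    return sum(item["price"] * item["qty"] for item in cart["items"])


def checkout_hardened(cart: dict, tag: str) -> int:
    """Rejects a modified cart, then prices from the server's catalogue."""
    if not verify_cart(cart, tag):
        raise ValueError("cart integrity check failed")
    return sum(CATALOG[item["sku"]] * item["qty"] for item in cart["items"])


def demo() -> dict:
    cart = {"items": [{"sku": "sku-1001", "price": 4999, "qty": 2}]}
    tag = sign_cart(cart)  # issued by the server when the cart was built
    tampered = {"items": [{"sku": "sku-1001", "price": 1, "qty": 2}]}
    result = {
        "honest_total": checkout_hardened(cart, tag),
        "weak_total_after_tamper": checkout_trusting_client(tampered),
    }
    try:
        checkout_hardened(tampered, tag)
        result["tamper_detected"] = False
    except ValueError:
        result["tamper_detected"] = True
    return result


if __name__ == "__main__":
    print(demo())
```

The hardened path applies two independent controls: the tag detects any unapproved change to the cart, and the total never depends on a client-supplied price even when the tag is valid.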
Information security (IS) is designed to protect the confidentiality, integrity, and availability of computer system data from malicious users. Confidentiality, integrity, and availability are sometimes referred to as the CIA triad of information security. This triad has evolved into what is commonly called the Parkerian hexad, which includes confidentiality, possession (or control), integrity, authenticity, availability, and utility. Information security deals with risk management. Anything can be a risk or a threat to the CIA triad or the Parkerian hexad. Confidential information must be kept intact: it must not be changed, altered, or forwarded without permission. For example, a message may be changed during transmission by a person who intercepts it before it reaches the intended recipient. A good encryption tool will help mitigate this security threat.
Confidentiality, integrity, and availability are an important part of any effective information security program. Sometimes called the "CIA triad", confidentiality, integrity, and availability are guidelines that healthcare organizations have tailored to the HIPAA Security Rule. The HIPAA regulation establishes concrete guidelines for maintaining the privacy and security of protected health information (PHI). These guidelines are summarized in a set of HIPAA regulations. The HIPAA Security Rule sets the national standards that an entity subject to HIPAA must implement within its organization. PHI is demographic information that can be used to identify patients. Common examples of PHI include name, address, telephone number, Social Security number, e-mail address, financial information, insurance ID number, medical records, and so on. If the PHI is stored electronically, it is called electronic protected health information (ePHI).
What is the CIA triad? No, CIA does not refer to the Central Intelligence Agency in this case. CIA refers to confidentiality, integrity, and availability: information confidentiality, information integrity, and information availability. Many security measures are designed to protect one or more aspects of the CIA triad. We will explore some of them in this article. A very important part of protecting the confidentiality of information is encryption. With encryption, only the right person (who knows the key) can read the information. Encryption is very common in today's environment and is found in almost all major protocols in use. A very famous example is SSL/TLS, a security protocol for Internet communication that is combined with many other Internet protocols to provide security.