What is CIA Triad And How Does It Work?
The CIA triad is a set of guidelines for information security in an organization.
The three letters in “CIA triad” stand for Confidentiality, Integrity and Availability. The CIA triad is a common model that forms the basis for the development of security systems.
CIA stands for:
C = Confidentiality
I = Integrity
A = Availability
Confidentiality: also known as privacy, means that data access is restricted to authorized personnel only.
It ensures that only authorized personnel are given access to data or permission to modify it.
Some methods to ensure confidentiality are data encryption, username ID and password, two-factor authentication, and minimizing exposure of sensitive information.
The first principle of the CIA Triad is confidentiality. Confidentiality is the concept of the measures used to protect the secrecy of data, objects, or resources.
The goal of confidentiality protection is to prevent or minimize unauthorized access to data.
Confidentiality focuses security measures on ensuring that no one other than the intended recipient of a message receives it or is able to read it. Confidentiality protection provides a means for authorized users to access and interact with resources, but it actively prevents unauthorized users from doing so. A wide range of security controls can provide protection for confidentiality, including, but not limited to, encryption, access controls, and steganography.
If a security mechanism offers confidentiality, it offers a high level of assurance that data, objects, or resources are restricted from unauthorized subjects. If a threat exists against confidentiality, unauthorized disclosure could take place. An object is the passive element in a security relationship, such as files, computers, network connections, and applications. A subject is the active element in a security relationship, such as users, programs, and computers. A subject acts upon or against an object. The management of the relationship between subjects and objects is known as access control.
In general, for confidentiality to be maintained on a network, data must be protected from unauthorized access, use, or disclosure while in storage, in process, and in transit. Unique and specific security controls are required for each of these states of data, resources, and objects to maintain confidentiality.
Numerous attacks focus on the violation of confidentiality. These include capturing network traffic and stealing password files as well as social engineering, port scanning, shoulder surfing, eavesdropping, sniffing, escalation of privileges, and so on.
Violations of confidentiality are not limited to directed intentional attacks. Many instances of unauthorized disclosure of sensitive or confidential information are the result of human error, oversight, or ineptitude. Events that lead to confidentiality breaches include failing to properly encrypt a transmission, failing to fully authenticate a remote system before transferring data, leaving open otherwise secured access points, accessing malicious code that opens a back door, misrouted faxes, documents left on printers, or even walking away from an access terminal while data is displayed on the monitor.
Confidentiality violations can result from the actions of an end user or a system administrator. They can also occur because of an oversight in a security policy or a misconfigured security control.
Another term for confidentiality would be privacy. Company policies should restrict access to the information to authorized personnel and ensure that only authorized individuals view this data.
The data may be compartmentalized according to the security or sensitivity level of the information.
For example, a Java program developer should not have access to the personal information of all employees. Furthermore, employees should receive training to understand the best practices in safeguarding sensitive information to protect themselves and the company from attacks.
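The subject/object relationship and the compartmentalization by sensitivity level described above, as an added example that is not part of the original post. It models objects with a sensitivity level and an access-control list, subjects with a clearance, and a check that denies by default and records every decision for review. The subject names, object names, levels and ACL entries are constructed for illustration; the developer's stray ACL entry on the employee records stands in for the misconfigured control the text mentions, and the level check still denies it.

```python
# Added example (not from the original post): subjects acting on objects under
# an access-control check that denies by default and enforces sensitivity levels.
from typing import Dict, List, Tuple

# Sensitivity levels, least to most restricted (constructed ordering).
LEVELS: Dict[str, int] = {"public": 0, "internal": 1, "confidential": 2}

# Objects are the passive elements: each has a level and an ACL mapping a
# subject to the actions it may perform. Anything not listed is denied.
# The "dev_alice" entry on employee_records is a deliberate ACL mistake;
# the clearance check below catches it anyway.
OBJECTS: Dict[str, dict] = {
    "source_code": {"level": "internal",
                    "acl": {"dev_alice": {"read", "write"}, "hr_bob": {"read"}}},
    "employee_records": {"level": "confidential",
                         "acl": {"hr_bob": {"read"}, "dev_alice": {"read"}}},
}

# Subjects are the active elements: each has a clearance level (constructed).
SUBJECTS: Dict[str, str] = {"dev_alice": "internal", "hr_bob": "confidential"}

# Every decision is recorded so denied attempts can be reviewed later.
AUDIT_LOG: List[Tuple[str, str, str, bool]] = []


def is_authorized(subject: str, action: str, obj_name: str) -> bool:
    """Decide whether subject may perform action on the named object."""
    obj = OBJECTS.get(obj_name)
    clearance = SUBJECTS.get(subject)
    allowed = False  # default deny: unknown subject or object never passes
    if obj is not None and clearance is not None:
        level_ok = LEVELS[clearance] >= LEVELS[obj["level"]]
        acl_ok = action in obj["acl"].get(subject, set())
        allowed = level_ok and acl_ok
    AUDIT_LOG.append((subject, action, obj_name, allowed))
    return allowed


def denied_attempts() -> List[Tuple[str, str, str]]:
    """Return (subject, action, object) for every denied decision so far."""
    return [(s, a, o) for s, a, o, ok in AUDIT_LOG if not ok]


def demo() -> Dict[str, bool]:
    """Run the scenarios from the text: developer vs. employee records, HR staff, unknown account."""
    return {
        "developer reads own source": is_authorized("dev_alice", "read", "source_code"),
        "developer reads employee records": is_authorized("dev_alice", "read", "employee_records"),
        "hr reads employee records": is_authorized("hr_bob", "read", "employee_records"),
        "hr writes employee records": is_authorized("hr_bob", "write", "employee_records"),
        "unknown account reads source": is_authorized("guest", "read", "source_code"),
    }


if __name__ == "__main__":
    for scenario, ok in demo().items():
        print(f"{scenario}: {'allowed' if ok else 'denied'}")
    print("denied attempts:", denied_attempts())
```

Both checks are needed: the ACL expresses who was explicitly granted an action, and the clearance level keeps a single mistaken ACL entry from exposing data compartmentalized above the subject's level.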
Methods to ensure confidentiality include data encryption, username ID and password, two-factor authentication, and minimizing exposure of sensitive information.
Integrity: is the term that describes the accuracy, consistency and trustworthiness of data.
It helps maintain the trustworthiness of data by keeping it in the correct state and immune to any improper modification.
Some methods to ensure integrity are file permissions, user access control, version control and checksums.
Integrity is the accuracy, consistency, and trustworthiness of the data during its entire life cycle.
Data must be unaltered during transit and not changed by unauthorized entities.
File permissions and user access control can prevent unauthorized access.
Version control can be used to prevent accidental changes by authorized users.
Backups must be available to restore any corrupted data, and checksum hashing can be used to verify the integrity of the data during transfer.
A checksum is used to verify the integrity of files or strings of characters after they have been transferred from one device to another across your local network or the Internet.
Checksums are calculated with hash functions. Some of the common checksums are MD5, SHA-1, SHA-256, and SHA-512. A hash function uses a mathematical algorithm to transform the data into a fixed-length value that represents the data.
The hashed value is simply there for comparison. From the hashed value, the original data cannot be retrieved directly. For example, if you forgot your password, your password cannot be recovered from the hashed value. The password must be reset.
After a file is downloaded, you can verify its integrity by comparing the hash value published by the source with the one you generated using any hash calculator. If the hash values match, you can be confident that the file has not been tampered with or corrupted during the transfer.
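The download check described above, as an added example that is not from the original post. It uses only Python's standard hashlib and hmac modules; the sample "file" content "abc" and its SHA-256 digest are the published FIPS 180-2 test vector, standing in for a real download and the checksum a vendor would list beside it. The temporary file, the bit flip and the function names are constructed for this example.

```python
# Added example (not from the original post): verify a downloaded file's
# checksum against the value published by the source.
import hashlib
import hmac
import os
import tempfile

# Constructed sample: "abc" is the FIPS 180-2 test input; the digest below is
# its published SHA-256, used here as the checksum the source would list.
SAMPLE_CONTENT = b"abc"
PUBLISHED_SHA256 = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"


def hash_bytes(data: bytes, algorithm: str = "sha256") -> str:
    """Hex digest of data under the named function (md5, sha1, sha256, sha512, ...)."""
    h = hashlib.new(algorithm)
    h.update(data)
    return h.hexdigest()


def hash_file(path: str, algorithm: str = "sha256", chunk_size: int = 1 << 16) -> str:
    """Hash a file in chunks so large downloads never have to fit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path: str, expected_hex: str, algorithm: str = "sha256") -> bool:
    """True only if the file's digest equals the published one.

    compare_digest runs in constant time, so the comparison itself does not
    reveal how many leading characters matched.
    """
    actual = hash_file(path, algorithm)
    return hmac.compare_digest(actual, expected_hex.strip().lower())


def demo() -> dict:
    """Write the sample to a temp file, verify it, flip one bit, verify again."""
    results = {}
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(SAMPLE_CONTENT)
        results["intact"] = verify_download(path, PUBLISHED_SHA256)

        tampered = bytearray(SAMPLE_CONTENT)
        tampered[0] ^= 0x01  # a single-bit change, as corruption in transit might cause
        with open(path, "wb") as f:
            f.write(tampered)
        results["tampered"] = verify_download(path, PUBLISHED_SHA256)
    finally:
        os.remove(path)
    return results


if __name__ == "__main__":
    print(demo())  # {'intact': True, 'tampered': False}
```

The check is only as trustworthy as the published value: if the checksum is fetched from the same place as the file, anyone able to alter the file can alter the listed hash too, which is why sources often publish checksums on a separate page or sign them.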
Availability: is the term that describes services and data that are well maintained and able to be accessed at all times.
Availability means that the authorized users should be able to access data whenever required.
Maintaining equipment, performing hardware repairs, keeping operating systems and software up to date, and creating backups ensure the availability of the network and data to authorized users.
Plans should be in place to recover quickly from natural or man-made disasters. Security equipment or software, such as firewalls, guards against downtime due to attacks such as denial of service (DoS).
Denial of service occurs when an attacker attempts to overwhelm resources so the services are not available to the users.
Example of the CIA Triad:
To have a better understanding of how the CIA Triad works in practice, consider an ATM that allows users to access bank balances and other information. An ATM incorporates measures to cover the principles of the triad:
The two-factor authentication (debit card with the PIN code) provides CONFIDENTIALITY before authorizing access to sensitive data.
The ATM and bank software ensure data INTEGRITY by maintaining all transfer and withdrawal records made via the ATM in the user’s bank account.
The ATM provides AVAILABILITY as it is for public use and is accessible at all times.
Confidentiality, integrity, and availability, known as the CIA triad, form a guideline for information security for an organization (including you). Confidentiality ensures the privacy of data by restricting access through authentication and encryption. Integrity assures that the information is accurate and trustworthy. Availability ensures that the information is accessible to authorized people.
Hope this post on What is CIA Triad And How Does It Work helps.