CIA Triad: Confidentiality, Integrity, Availability
Dinesh kumar, CISSP CISM
CISSP | CISM | Cyber Security Architect | Certified in Cybersecurity (ISC2) | AZ-500 | SC-100 | AZ-700 | SC-200 | SC-300 | AZ-305 | AZ-104 | SC-900
Confidentiality:
Confidentiality is the concept of the measures used to protect the secrecy of data, objects, or resources. The goal of confidentiality protection is to prevent or minimize unauthorized access to data. Confidentiality protections prevent disclosure while protecting authorized access.
Confidentiality data leaks can result from human error, oversight, or ineptitude, or from a security control misconfigured by a system administrator or supervisor of the systems.
Countermeasures to overcome the possible threats:
1. Encryption
2. Network traffic padding
3. Strict access control
4. Rigorous authentication procedures
5. Data classification
6. Extensive personnel training
Integrity:
Integrity is the concept of protecting the reliability and correctness of data. Integrity protection prevents unauthorized alterations of data.
Integrity can be examined from three perspectives:
Countermeasures to overcome the possible threats:
Availability:
Availability means authorized subjects are granted timely and uninterrupted access to objects.
Availability includes efficient uninterrupted access to objects and prevention of denial-of-service (DoS) attacks.
Many availability breaches are caused by human error, oversight, or ineptitude. They can also occur because of an oversight in a security policy or a misconfigured security control.
Numerous countermeasures can ensure availability against possible threats. These include designing intermediary delivery systems properly, using access controls effectively, monitoring performance and network traffic, using firewalls and routers to prevent DoS attacks, implementing redundancy for critical systems, and maintaining and testing backup systems.
Most security policies, as well as business continuity planning (BCP), focus on the use of fault tolerance features at the various levels of access/storage/security (that is, disk, server, or site) with the goal of eliminating single points of failure to maintain availability of critical systems.