In security terms, CIA stands for Confidentiality, Integrity and Availability.
These three principles form the cornerstone of any organisation's security infrastructure.
Confidentiality has been written about here: Confidentiality
Integrity is about ensuring that data has not been tampered with, whether at rest or in transit, and can be trusted: it is correct, authentic and reliable.
Integrity can be compromised deliberately, by an attacker doing things such as:
- Tampering with intrusion detection systems
- Modifying configuration files
- Changing system logs to evade detection
or accidentally, through:
- Human error
- Lack of care
- Coding errors
- Inadequate policies, procedures and protection mechanisms
How can integrity be ensured?
- Digital signatures (a signature over the data lets a verifier detect any change and also proves who produced it)
- Digital certificates (binding the signing key to a verified identity)
- Intrusion detection systems (including monitoring of configuration files and logs for unexpected changes)
- Version control (every change is recorded, attributable and reversible)
- Strong authentication mechanisms and access controls (only authorised parties can modify the data)
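As an added example (not part of the original notes), the following Python shows one way to protect log integrity with a keyed hash. Each entry is tagged with an HMAC-SHA256 over the previous entry's tag plus the entry itself, so both the "changing system logs to evade detection" and "delete an inconvenient entry" cases above are caught. The key, the record layout and the sample log lines are all constructed for the example.

```python
import copy
import hashlib
import hmac
import json

# Hypothetical key for this example only. A real deployment keeps the key in a
# secrets manager or HSM, rotates it, and never hard-codes it in source.
LOG_KEY = b"example-log-integrity-key-not-for-production"

GENESIS_TAG = "0" * 64  # the "previous tag" used for the very first entry


def canonical(record: dict) -> bytes:
    """Canonical JSON so the same record always yields the same bytes to tag."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def entry_tag(prev_tag: str, record: dict, key: bytes) -> str:
    """HMAC-SHA256 over (previous tag || canonical record): chains entries together."""
    mac = hmac.new(key, prev_tag.encode() + canonical(record), hashlib.sha256)
    return mac.hexdigest()


def append_entry(log: list, record: dict, key: bytes = LOG_KEY) -> list:
    """Append a record whose tag depends on every earlier entry in the log."""
    prev_tag = log[-1]["tag"] if log else GENESIS_TAG
    log.append({"record": record, "tag": entry_tag(prev_tag, record, key)})
    return log


def verify_log(log: list, key: bytes = LOG_KEY) -> tuple:
    """Return (True, -1) if every entry checks out, else (False, index of first bad entry)."""
    prev_tag = GENESIS_TAG
    for i, entry in enumerate(log):
        expected = entry_tag(prev_tag, entry["record"], key)
        # Constant-time comparison: never compare MACs with ==
        if not hmac.compare_digest(expected, entry["tag"]):
            return False, i
        prev_tag = entry["tag"]
    return True, -1


# Constructed sample log lines (not real data)
SAMPLE_RECORDS = [
    {"ts": "2024-01-01T12:00:00Z", "user": "alice", "action": "login", "result": "success"},
    {"ts": "2024-01-01T12:05:10Z", "user": "alice", "action": "sudo", "result": "success"},
    {"ts": "2024-01-01T12:07:42Z", "user": "mallory", "action": "login", "result": "failure"},
]


def build_log() -> list:
    log = []
    for record in SAMPLE_RECORDS:
        append_entry(log, record)
    return log


def tamper_modify(log: list) -> list:
    """Attacker rewrites a failed login as a success to hide a break-in attempt."""
    altered = copy.deepcopy(log)
    altered[2]["record"]["result"] = "success"
    return altered


def tamper_delete(log: list) -> list:
    """Attacker deletes the sudo entry; the next entry's chain link no longer matches."""
    altered = copy.deepcopy(log)
    del altered[1]
    return altered


if __name__ == "__main__":
    log = build_log()
    print("untouched:", verify_log(log))                 # (True, -1)
    print("modified: ", verify_log(tamper_modify(log)))  # (False, 2)
    print("deleted:  ", verify_log(tamper_delete(log)))  # (False, 1)
```

Two caveats a practitioner would want. First, the chain does not detect truncation (deleting the last entries), so the latest tag must also be stored somewhere the attacker cannot reach, for example forwarded with each entry to a remote log collector. Second, an HMAC is symmetric: anyone holding the key can forge tags, so it only gives integrity against parties without the key. Where third parties must verify, or where you need to prove who produced the data, use a digital signature (the asymmetric equivalent) as listed above.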
Availability means that networks, systems and applications are up and running. It ensures authorised users have timely, reliable access to resources when they're needed.
Availability can be jeopardised by:
- Hardware or software failure
- Power failure
- Natural disasters
- Human error
The most well known attack that threatens availability is the denial of service (DoS) attack, in which a system, website or web-based application/service is overloaded until its performance degrades and it becomes unreachable. When the traffic comes from many sources at once it is a distributed denial of service (DDoS) attack, which is much harder to block at the source.
How can availability be ensured?
- Redundancy (in servers, networks, applications and services)
- Hardware fault tolerance (for servers and storage)
- Regular software patching and system upgrades
- Comprehensive disaster recovery plans
- Denial-of-service protection solutions
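As an added example (not from the original notes), the Python below implements the simplest form of denial-of-service protection: a per-client token-bucket rate limiter, so that one abusive client exhausts only its own allowance and other users keep getting served. The client names, rates and traffic pattern are constructed for the example; the clock is passed in explicitly so the run is deterministic.

```python
class TokenBucket:
    """One client's allowance: refills at `rate` tokens/second up to `capacity`;
    each request spends one token."""

    def __init__(self, rate: float, capacity: int, now: float):
        self.rate = rate
        self.capacity = capacity
        self.tokens = float(capacity)  # start full so a new client is not penalised
        self.last = now

    def allow(self, now: float) -> bool:
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class RateLimiter:
    """Keeps one bucket per client key (for example source IP or API key)."""

    def __init__(self, rate: float, capacity: int):
        self.rate = rate
        self.capacity = capacity
        self.buckets: dict = {}

    def allow(self, client: str, now: float) -> bool:
        bucket = self.buckets.get(client)
        if bucket is None:
            bucket = self.buckets[client] = TokenBucket(self.rate, self.capacity, now)
        return bucket.allow(now)


def simulate() -> dict:
    """Constructed traffic: 'legit' sends 1 request/s for 10 s, 'abuser' fires 100
    requests in a single burst. Returns {client: (allowed, rejected)}."""
    limiter = RateLimiter(rate=5.0, capacity=10)
    results = {"legit": [0, 0], "abuser": [0, 0]}
    for t in range(10):
        outcome = limiter.allow("legit", float(t))
        results["legit"][0 if outcome else 1] += 1
    for _ in range(100):
        outcome = limiter.allow("abuser", 0.0)
        results["abuser"][0 if outcome else 1] += 1
    return {client: tuple(counts) for client, counts in results.items()}


if __name__ == "__main__":
    print(simulate())  # {'legit': (10, 0), 'abuser': (10, 90)}
```

In production the `now` argument would come from `time.monotonic()`. Note what this does and does not buy you: it stops a single noisy source, but a distributed attack spreads its requests over thousands of clients that each stay under the limit, which is why the list above also needs capacity (redundancy, fault tolerance) and upstream DDoS protection, not just a limiter on the server.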
Identification, Authentication, Authorisation and Accountability (IAAA)
These are key concepts for understanding identity and access management.
Identification is who you claim to be.
Without identifying yourself, you cannot access a system.
Normal methods of identification include:
- Your name (or username)
- ID number
After you've identified yourself, you need to prove you are who you say you are. That is authentication, and it relies on one or more factors:
- Something you know, e.g. a password
- Something you have, e.g. a token
- Something you are, e.g. a fingerprint
- Somewhere you are, e.g. a trusted IP address or location (note this is a location factor, not "something you are")
- Something you can do, e.g. a signature
Combining factors of different kinds is multi-factor authentication; two passwords are still a single factor.
Once you've identified yourself and proved it through authentication, you are given access to the system only after your authorisation has been determined.
What is authorisation?
- Authorisation determines which parts of the system / data you are allowed to access and what actions you are allowed to perform with that access, for example read or write. It should grant only what the role needs (least privilege).
Once you've been given access to a system and authorised to perform certain tasks, accountability comes into play.
What is accountability?
- Being able to trace an action back to an individual
- Prove what someone did, and when they did it: known as
- This is also known as auditing (audit logs)
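The four stages above, identification, authentication, authorisation and accountability, form one flow, so here is one added Python example covering all of them (it is not from the original notes). The user directory, roles, permission table and password are constructed for the example; in a real system they would live in an identity provider or database.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 100_000


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256; the hash is stored, never the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


# Constructed user directory: identity -> stored credential + roles (not real accounts)
_ALICE_SALT = os.urandom(16)
USERS = {
    "alice": {
        "salt": _ALICE_SALT,
        "hash": hash_password("correct horse battery staple", _ALICE_SALT),
        "roles": {"analyst"},
    },
}

# Authorisation policy: role -> resource -> permitted actions; anything absent is denied
PERMISSIONS = {
    "analyst": {"reports": {"read"}, "alerts": {"read", "write"}},
}

# Accountability: append-only audit trail of who tried to do what, and the outcome
AUDIT_LOG: list = []

_DUMMY_SALT = bytes(16)


def audit(user: str, action: str, resource: str, outcome: str) -> None:
    # Never log secrets (passwords, tokens); log the subject, the request and the decision.
    AUDIT_LOG.append({"user": user, "action": action, "resource": resource, "outcome": outcome})


def identify(username: str) -> bool:
    """Identification: does the claimed identity exist at all?"""
    return username in USERS


def authenticate(username: str, password: str) -> bool:
    """Authentication: prove the claimed identity with something you know."""
    user = USERS.get(username)
    if user is None:
        # Hash anyway so response time does not reveal which usernames exist
        hash_password(password, _DUMMY_SALT)
        return False
    return hmac.compare_digest(hash_password(password, user["salt"]), user["hash"])


def authorise(username: str, action: str, resource: str) -> bool:
    """Authorisation: is this action on this resource allowed by any of the user's roles?"""
    return any(action in PERMISSIONS.get(role, {}).get(resource, set())
               for role in USERS[username]["roles"])


def request(username: str, password: str, action: str, resource: str) -> bool:
    """Run the four stages in order. The caller only learns allowed/denied; the precise
    reason goes to the audit log, so failures cannot be used to enumerate accounts."""
    if not identify(username):
        audit(username, action, resource, "denied: unknown identity")
        return False
    if not authenticate(username, password):
        audit(username, action, resource, "denied: authentication failed")
        return False
    if not authorise(username, action, resource):
        audit(username, action, resource, "denied: not authorised")
        return False
    audit(username, action, resource, "allowed")
    return True


if __name__ == "__main__":
    request("alice", "correct horse battery staple", "read", "reports")   # allowed
    request("alice", "correct horse battery staple", "write", "reports")  # not authorised
    request("alice", "wrong password", "read", "reports")                 # auth failed
    request("bob", "anything", "read", "reports")                         # unknown identity
    for entry in AUDIT_LOG:
        print(entry)
```

The audit entries are what make accountability possible: every decision, allowed or denied, is traceable to a named identity, the action attempted and the resource. In a real deployment each entry would also carry a timestamp and be shipped to a log store the requester cannot modify (see the integrity section above).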
Why is it important?
- Maintains compliance with legislation
- Maintains trust with internal and external stakeholders
- Promotes positive brand image
- Avoids security risks and unauthorised access
A lack of CIA can lead to:
- Regulatory fines
- Refunds/compensation to customers
- Loss of earnings
- Termination of contract
- Loss of customers
- Damage to brand