Can a System Provide Integrity Without Confidentiality? Again

CIA triad or CIA security triangle goals of confidentiality, integrity and availability for organizational information security
The goals of the CIA triad or CIA security triangle are confidentiality, integrity and availability, pertaining to information security solutions peculiarly applicable to business organizations. (Paradigm: Copyright © Panmore.com)

The CIA triad (likewise called CIA triangle) is a guide for measures in information security. Data security influences how data applied science is used. Information technologies are already widely used in organizations and homes. This condition ways that organizations and homes are subject to information security bug. Thus, information technology is necessary for such organizations and households to employ information security measures. These measures should protect valuable data, such as proprietary information of businesses and personal or financial data of individual users. Data security teams use the CIA triad to develop security measures. The CIA security triangle shows the key goals that must be included in information security measures. The CIA triad serves every bit a tool or guide for securing information systems and networks and related technological avails. The current global ubiquity of calculator systems and networks highlights the significance of developing and implementing procedures, processes, and mechanisms for addressing information security issues, while satisfying the goals of the CIA triad.

Information security goals, such as those for data security in online computer systems and networks, should refer to the components of the CIA triad, i.eastward. confidentiality, integrity, and availability. In business organizations, the strategic direction implications of using the CIA triangle include developing appropriate mechanisms and processes that prioritize the security of client information. The CIA triad's application in businesses also requires regular monitoring and updating of relevant information systems in guild to minimize security vulnerabilities, and to optimize the capabilities that support the CIA components.

What is the CIA Triad?

The CIA triad is a model that shows the three main goals needed to accomplish information security. While a wide variety of factors decide the security situation of information systems and networks, some factors stand out as the most significant. The assumption is that there are some factors that will always exist of import in information security. These factors are the goals of the CIA triad, as follows:

  1. Confidentiality
  2. Integrity
  3. Availability

Confidentiality, integrity and availability are the concepts virtually basic to information security. These concepts in the CIA triad must always be part of the core objectives of information security efforts.

Confidentiality

Confidentiality is the protection of information from unauthorized access. This goal of the CIA triad emphasizes the need for information protection. Confidentiality requires measures to ensure that only authorized people are allowed to access the information. For example, confidentiality is maintained for a computer file if authorized users are able to access information technology, while unauthorized persons are blocked from accessing it. Confidentiality in the CIA security triangle relates to information security because information security requires control on access to the protected data.

Integrity

The CIA triad goal of integrity is the condition where information is kept accurate and consistent unless authorized changes are made. It is possible for information to modify considering of careless access and utilise, errors in the information system, or unauthorized admission and use. In the CIA triad, integrity is maintained when the data remains unchanged during storage, transmission, and usage non involving modification to the information. Integrity relates to information security because authentic and consequent information is a result of proper protection. The CIA triad requires information security measures to monitor and control authorized access, use, and manual of information.

Availability

The CIA triad goal of availability is the situation where information is available when and where it is rightly needed. The principal concern in the CIA triad is that the information should be available when authorized users need to access information technology. Availability is maintained when all components of the information system are working properly. Problems in the information organisation could make it incommunicable to access information, thereby making the information unavailable. In the CIA triad, availability is linked to data security because effective security measures protect arrangement components and ensuring that data is bachelor.

Examples of CIA Triad Applications

In the CIA triad, confidentiality, integrity and availability are bones goals of data security. All the same, there are instances when one goal is more of import than the others. The following are examples of situations or cases where 1 goal of the CIA triad is highly important, while the other goals are less important.

Confidentiality. The CIA triad goal of confidentiality is more of import than the other goals when the value of the data depends on limiting access to it. For instance, information confidentiality is more of import than integrity or availability in the case of proprietary information of a company. Too, confidentiality is the most of import when the information is a tape of people's personal activities, such as in cases involving personal and financial data of the customers of companies like Google, Amazon, Apple, and Walmart. To guarantee confidentiality nether the CIA triad, communications channels must be properly monitored and controlled to prevent unauthorized access.

Integrity. The CIA triad goal of integrity is more of import than the other goals in some cases of fiscal information. Any change in financial records leads to problems in the accuracy, consistency, and value of the information. For example, banks are more than concerned nigh the integrity of financial records, with confidentiality having merely second priority. Some bank account holders or depositors leave ATM receipts unchecked and hanging around later withdrawing greenbacks. This shows that confidentiality does non take the highest priority. Instead, the goal of integrity is the most important in data security in the banking system. To guarantee integrity under the CIA triad, information must be protected from unauthorized modification.

Availability. The CIA triad goal of availability is more important than the other goals when government-generated online press releases are involved. Press releases are by and large for public consumption. For them to be effective, the information they contain should be available to the public. Thus, confidentiality is not of concern. Integrity has merely second priority. In the CIA triad, to guarantee availability of information in press releases, governments ensure that their websites and systems have minimal or insignificant downtime. Backups are also used to ensure availability of public data.

Implications of the CIA Triad

The CIA triad has the goals of confidentiality, integrity and availability, which are basic factors in information security. Information security protects valuable data from unauthorized access, modification and distribution. The CIA triad guides information security efforts to ensure success. There are instances when one of the goals of the CIA triad is more of import than the others. Information technology is upwardly to the Information technology team, the information security personnel, or the individual user to decide on which goal should exist prioritized based on actual needs. Thus, the CIA triad requires that organizations and private users must always take caution in maintaining confidentiality, integrity and availability of information.

References

  • Andress, J. (2014).The basics of information security: Understanding the fundamentals of InfoSec in theory and practice. Syngress.
  • Evans, D., Bond, P., & Bement, A. (2004). Standards for Security Categorization of Federal Information and Information Systems. National Establish of Standards and Engineering, Figurer Security Resource Eye.
  • Shabtai, A., Elovici, Y., & Rokach, L. (2012). Introduction to Information Security. InA Survey of Information Leakage Detection and Prevention Solutions (pp. ane-4). Springer US.
  • Vocalizer, P. (2014). What Do We Hateful Past Security Anyway? Brookings Institution.
  • Taherdoost, H., Chaeikar, S. Due south., Jafari, M., & Shojae Chaei Kar, N. (2013). Definitions and Criteria of CIA Security Triangle in Electronic Voting Arrangement. International Journal of Avant-garde Information science and It (IJACSIT) Vol,1, 14-24.
  • U.S. Federal Trade Commission – Consumer Information – Computer Security.
  • Von Solms, R., & Van Niekerk, J. (2013). From data security to cyber security.Computers & Security,38, 97-102.

minorlify1942.blogspot.com

Source: http://panmore.com/the-cia-triad-confidentiality-integrity-availability

0 Response to "Can a System Provide Integrity Without Confidentiality? Again"

Post a Comment

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel