The CIA Triad

The CIA triad describes three principles involved in protecting data.

  1. Confidentiality

  2. Integrity

  3. Availability

Confidentiality

Confidentiality ensures only authorized individuals or systems can access the data.

A few ways we can achieve confidentiality:

  1. Encryption. Alice could encrypt her email with Bob’s public key before sending it to Bob. That way only Bob, who holds the matching private key, can decrypt and read it.

  2. Access controls. We set the permissions such that only developers working on Project A have access to the git repo.

Integrity

Integrity ensures that data is stored or transferred as intended, that is, it has not been altered or corrupted along the way. A few ways we can achieve integrity:

  1. Hashing. If the downloaded file’s hash doesn’t match the hash the publisher provided, you know the file you downloaded is different from the intended one. The download could have been corrupted, or the file could have been tampered with. To ensure the integrity of the published hash itself, digital signatures are used to verify that the hash came from the correct person.

  2. Certificates.
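As an added example (not code from the original post), the hashing check described above, written with only the Python standard library: the download is hashed with SHA-256 and compared against the published hash, and the published hash is itself authenticated so that an attacker who swaps both the file and the displayed hash is still caught. A real publisher would authenticate the hash with a public-key digital signature; to stay dependency-free this example stands in an HMAC under a key shared with the publisher (`PUBLISHER_KEY`, a constructed value), which serves the same goal of proving the hash came from the right party. The release bytes and the "published" hash are constructed here rather than taken from any real download page.

```python
# Added example (not from the original post): verifying a download's integrity
# with a hash, and authenticating the published hash so it can be trusted.
# Only the Python standard library is used. All data below is constructed.
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    """Return the SHA-256 digest of `data` as a lowercase hex string."""
    return hashlib.sha256(data).hexdigest()


def verify_download(data: bytes, published_sha256: str) -> bool:
    """True only if the downloaded bytes hash to the value the publisher provided.
    compare_digest is used so the comparison does not leak timing information."""
    return hmac.compare_digest(sha256_hex(data), published_sha256.lower())


# The published hash is only worth checking if we know it really came from the
# publisher. A real release would carry a public-key digital signature; this
# example uses an HMAC under a shared key as a stand-in (assumption, not a
# real publisher's scheme). HMAC proves the hash was produced by a key holder.
PUBLISHER_KEY = b"constructed-shared-secret"  # constructed value


def sign_hash(published_sha256: str, key: bytes = PUBLISHER_KEY) -> str:
    """Produce the authentication tag the publisher attaches to the hash."""
    return hmac.new(key, published_sha256.encode(), hashlib.sha256).hexdigest()


def verify_hash_signature(published_sha256: str, tag: str, key: bytes = PUBLISHER_KEY) -> bool:
    """True only if `tag` is a valid tag for `published_sha256` under `key`."""
    return hmac.compare_digest(sign_hash(published_sha256, key), tag)


def verify_release(data: bytes, published_sha256: str, tag: str) -> bool:
    """Full check: the published hash is authentic AND the file matches it."""
    return verify_hash_signature(published_sha256, tag) and verify_download(data, published_sha256)


# Constructed sample data standing in for a release file. The tampered copy
# differs by a single byte, which is enough to change the whole digest.
ORIGINAL_RELEASE = b"#!/bin/sh\necho 'installer v1.0'\n"
TAMPERED_RELEASE = ORIGINAL_RELEASE.replace(b"v1.0", b"v1.0 ")

PUBLISHED_SHA256 = sha256_hex(ORIGINAL_RELEASE)  # what the download page would show (constructed)
PUBLISHED_TAG = sign_hash(PUBLISHED_SHA256)       # authenticates that published hash

if __name__ == "__main__":
    print("original verifies:      ", verify_release(ORIGINAL_RELEASE, PUBLISHED_SHA256, PUBLISHED_TAG))
    print("one-byte change verifies:", verify_release(TAMPERED_RELEASE, PUBLISHED_SHA256, PUBLISHED_TAG))
    # Replacing both the file and the displayed hash still fails, because no
    # valid tag exists for the replacement hash.
    forged_hash = sha256_hex(TAMPERED_RELEASE)
    print("swapped file+hash verifies:", verify_release(TAMPERED_RELEASE, forged_hash, PUBLISHED_TAG))
```

The point of `verify_release` ordering is that a mismatch in either layer is enough to reject the download: a corrupted or modified file fails `verify_download`, while a replaced hash fails `verify_hash_signature` even though the file it describes hashes correctly.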

Availability

Availability ensures the data is accessible by those authorized to access it.

A few ways we can achieve availability:

  1. Backups. We can have backups, in case the original document is destroyed.

  2. Redundancy. We can have backup servers, in the event our main servers get overloaded.

  3. Updates. We keep our systems up to date, to ensure security vulnerabilities are patched.

  4. Fault tolerance. We have systems in place to handle when things go wrong.