The purpose of this blog is to familiarize the reader with some commonly used terms, models, and principles within the information security community.
The CIA Principle
The “CIA” triad is a widely accepted security model used within the information security community. The definition of the “CIA” triad is as follows;
Confidentiality - is the ability to hide information from unauthorized viewers or recipients. This task can be accomplished with the use of Cryptography and Encryption.
Integrity - is the ability to assure that the data is accurate and unchanged. This task can be accomplished withe use of a hashing algorithm’s such as MD-5 and SHA-1.
Availability - it is extremely important that the information your responsible for is readily available for the authorized user 24x7. This task can be accomplished by limiting or preventing embryonic or half open TCP connections to prevent the consumption of network resources by denial of service to legitimate users.
Identification, Authentication, and Accountability- For a user to be able to access a resource, he/she first must prove he/she is who he/she claims to be, has the necessary credentials, and has been given the necessary rights or privileges to perform the action he/she is requesting.
About Me
- Joe Jones
- Chicago, IL, United States
- Former U.S Marine, current information security consultant, college professor, writer and motivational speaker
No comments:
Post a Comment