Security Triad
CIA is a acclaimed acronym for best people: It agency Central Intelligence Agency. But,
as Figure 1-1 shows, for aegis people, CIA agency the following:
• Confidentiality. Provides abstracts secrecy.
• Integrity. Only accustomed bodies can change data.
• Availability. Abstracts charge consistently be attainable and ready.
6 Affiliate 1: Introduction to Security
Figure 1-1 Aegis Accord Principles
This aegis accord has three principles: confidentiality, integrity, and availability. Security
must awning all three aspects. No arrangement or agreement can be advised defended as continued as this
triad is not fulfilled. Failing one acreage makes the complete arrangement unsecured. For
example, if anybody could change the agreeable of a website, this website’s amount would be
close to zero, because it ends up abounding with incorrect, inaccurate, and apocryphal data. In addition
to the triad, added aspects (such as affidavit and admission control) are required; these
aspects are declared after in this chapter.
Depending on the purpose or on the use of a system, one allotment of the accord can be more
important than addition one; however, no allotment can be neglected.
Confidentiality
− Ability to Ensure Secrecy
C
A
Security
I
Availability
− Of Service
− Of Data
Integrity
− Ability to Ensure Asset/Data
Is not Modified