Code Mission: CIA

Today I want to talk about something called the Triad CIA, which are the tree main goals of security.

Each one of them, Confidentiality, Integrity, and Availability are not the same and can cause some confusion. But fear not, I am here in order to explain in the easiest way the main differences.

 

Confidentiality

First of all is Confidentiality, this is probably the first one to come in your mind when talking about security. It is just to protect your stuff from unauthorized disclosure, I means that none should be able to see your secrets without your consent.

You could think: that’s it! Everything in security is confidential so why you talk about the other tree? Well, it is not entirely true. You can have security with little confidentiality. Just think about a web page with just information about a touristic place. It has nothing else than information and anyone can see it, so: why is it secure with little to no confidentiality? I can respond this with the following concept.

l0hlyyc3zqtqbctak

Integrity

Integrity is a wat that we protect an asset from unauthorized changes. Or in other words, only certain people are permitted to modify the data. We can see how in my previous example of the information only web can be secure if its integrity is preserved, it means that we can implement methods to ensure that only the administrators can change the web.

3oriellg0xas0saxwo
Like in permanent: you can see but, you can’t change.

Availability

Another goal, it means that security must try to accomplish a data accessible and reliable. In my previous example, it means that the web should be up as often as possible. This is the easiest of the three goals to understand, but maybe the hardest because of the trade-offs implied. Just think about it, the easiest way to have availability is to make a copy of something and have many back-ups, but you really want to have multiple copies of your password all over the internet?

 

5yo4km322zuny
Now jelly fishing is not available u.u

Every Security system implemented has this three goals in mind, but cannot satisfy all three of them completely. You must analyze which system fulfills better your needs in order to become secure.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s