1.1a CIA

No, not that CIA! In the security industry, CIA stands for Confidentiality, Integrity and Availability; together these form the security triad.

 Confidentiality

Confidentiality allows access to data only to authorized personnel; unauthorized personnel cannot access the data. You can ensure confidentiality using encryption such as AES (Advanced Encryption Standard).

 Integrity

When you receive data, such as a file, you want to be sure that what you receive is the original. One way to ensure integrity is to use hashing algorithms such as MD5 and SHA-1. If I send you a file over the internet, I cannot guarantee that it wasn’t intercepted and changed by someone else along the way. However, with a hashing algorithm like MD5 I can make a hash of the file before sending it and send you the hash along with the file (via email). When you receive the file, you run the same MD5 hash on it; if the two hashes match, you can safely say that the file hasn’t been changed along the way.
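The check described above, as an added example that is not part of the original post. It defaults to SHA-256 because MD5 and SHA-1 have known collision attacks, and it goes one step beyond the text by showing that a hash sent alongside the file can be replaced together with it, while an HMAC tag made with a shared key cannot; the key, file name and file contents are constructed for the demo.

```python
import hashlib
import hmac
import os
import tempfile

def file_digest(path, algorithm="sha256", chunk_size=65536):
    """Hash a file in chunks so large files do not need to fit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_digest(path, expected_hex, algorithm="sha256"):
    """Receiver side: recompute the hash and compare it with the one sent."""
    return hmac.compare_digest(file_digest(path, algorithm), expected_hex.lower())

def file_hmac(path, key, chunk_size=65536):
    """Keyed variant: only someone holding the shared key can produce this tag."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            mac.update(chunk)
    return mac.hexdigest()

def verify_hmac(path, key, expected_tag):
    return hmac.compare_digest(file_hmac(path, key), expected_tag.lower())

def demo():
    """Constructed scenario: send a file, change it in transit, then verify."""
    key = b"constructed-shared-key-for-demo"   # assumed to be agreed out of band
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "report.txt")
        with open(path, "wb") as f:
            f.write(b"Pay 100 to Alice\n")      # constructed sample content
        sent_hash = file_digest(path)            # values the sender transmits
        sent_tag = file_hmac(path, key)
        unchanged_ok = verify_digest(path, sent_hash)
        with open(path, "wb") as f:
            f.write(b"Pay 900 to Mallory\n")    # file altered in transit
        tamper_detected = not verify_digest(path, sent_hash)
        # If the hash travelled with the file, it can be replaced as well:
        swapped_hash_passes = verify_digest(path, file_digest(path))
        # Without the key, a matching HMAC tag cannot be recomputed:
        hmac_detects = not verify_hmac(path, key, sent_tag)
    return unchanged_ok, tamper_detected, swapped_hash_passes, hmac_detects

if __name__ == "__main__":
    print(demo())
```

Pass `algorithm="md5"` or `algorithm="sha1"` to `file_digest` to reproduce the hashes named in the text.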

 Availability

It is important to make sure your data is available when needed. Companies do this by keeping a second (backup) web server available in case their primary web server goes down or is taken down by an attacker. This also applies to power, off-site backups and cooling systems.
