Thursday, July 18, 2019

Relating the CIA triad to security

Relating the CIA triad to security-



Given the elements of the CIA triad, we can begin to discuss security issues in a very specific fashion. As an example,  we can look  at  a shipment of backup tapes on  which  we have the only  existing, but  unencrypted, copy of some  of our  sensitive  data  stored.  If we were to lose the shipment in transit we will have a security issue. From a confidentiality standpoint, we are likely to have a problem since our files were not encrypted.  From an integrity standpoint, presuming that we were able to recover the tapes, we again have an issue due to the lack of encryption used on our files. If we recover the tapes and the unencrypted files were altered,  this would  not  be immediately apparent to  us. As for availability, we have an issue unless the tapes are recovered since we do not have a backup copy of the files. Although  we can describe  the situation in this example  with  relative accuracy using the CIA triad, we might  find that the model  is more restrictive than  what we need  in  order  to describe  the entire  situation. An alternative model does exist that is somewhat more extensive.
By -
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
  • What is Number,Integer,Float,Character,String,Boolean?
    (11)What is Number , Integer , Float , Character , String , Boolean? Number  Number is a symbol and mathematical object used for mea...
  • Cyber security
    WarDriving It is a process of tracking Wi-Fi hotspots located at a particular place, while moving with a hand held device or a lapt...
  • KeePassX
    KeePassX KeePassX is an open source, cross-platform and light weight password management application published under the terms of the ...