CIA/IAAA
CIA
In security terms, CIA stands for Confidentiality, Integrity and Availability.
These three principles form the cornerstone of any organisation's security infrastructure.
Confidentiality
Confidentiality is covered separately here: Confidentiality
Integrity
Integrity is about ensuring that data has not been tampered with and can be trusted. It is correct, authentic and reliable. 
Integrity can be compromised directly by methods including: 
Deliberately:
- Tampering with intrusion detection systems 
- Modifying configuration files 
- Changing system logs to evade detection 
Unintentionally: 
- Through human error 
- Lack of care 
- Coding errors 
- Inadequate policies, procedures, and protection mechanisms 
How can integrity be ensured?
- Encryption 
- Hashing 
- Digital signatures 
- Digital certificates 
- Intrusion detection systems 
- Auditing 
- Version control 
- Strong authentication mechanisms and access controls
Availability
Availability means that networks, systems and applications are up and running. It ensures authorised users have timely, reliable access to resources when they're needed.
Things can jeopardise availability, including: 
- Hardware or software failure 
- Power failure 
- Natural disasters 
- Human error 
Example
The most well-known attack that threatens availability is the denial-of-service attack, in which the performance of a system, website or web-based application/service is degraded and the system becomes unreachable.
How can availability be ensured?
- Redundancy (in servers, networks, applications and services) 
- Hardware fault tolerance (for servers and storage) 
- Regular software patching and system upgrades 
- Backups 
- Comprehensive disaster recovery plans 
- Denial-of-service protection solutions 
IAAA
This is Identification, Authentication, Authorisation and Accountability 
These are key concepts to understanding identity access management. 
Identification
This is who you are 
Without identifying yourself, you cannot access a system 
Normal methods of identification include:
- Your name 
- Username 
- ID number 
Authentication
After you've identified yourself, you need to prove you are who you say you are. That is authentication. 
Authentication methods: 
- Something you know, password 
- Something you have, token 
- Something you are, fingerprint 
- Somewhere you are, IP address
- Something you can do, signature 
Authorisation
Once you've identified and proved who you are using authentication, you will be given access to the system once your authorisation has been determined. 
What is authorisation?
- Authorisation determines which parts of the system / data you are allowed to access and what actions you are allowed to perform with that access. For example, read and write.
Accountability
Once you've been given access to a system and authorised to perform certain tasks, accountability takes place. 
What is accountability? 
- Being able to trace an action back to an individual 
- Prove what someone did, and when they did it: known as non-repudiation 
- This is also known as auditing (audit logs)
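The notes list "changing system logs to evade detection" as an integrity threat, hashing as a control, and audit logs as the basis of accountability. The sketch below is an added example, not part of the original notes, that ties the three together with a tamper-evident audit log in which each entry's HMAC-SHA256 covers the previous entry's MAC. The entry fields, function names, key and sample entries are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # chain anchor used as the "previous MAC" of the first entry


def _mac(key: bytes, prev: str, entry: dict) -> str:
    # Canonical JSON so the same entry always serialises to the same bytes.
    body = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev.encode() + body, hashlib.sha256).hexdigest()


def append(log: list, key: bytes, ts: str, user: str, action: str) -> None:
    """Append an entry whose MAC covers its content and the previous MAC."""
    prev = log[-1]["mac"] if log else GENESIS
    entry = {"ts": ts, "user": user, "action": action}
    log.append({**entry, "mac": _mac(key, prev, entry)})


def verify(log: list, key: bytes, last_mac=None) -> int:
    """Return -1 if intact, else the index of the first entry that fails."""
    # last_mac: newest MAC stored off-host; without it, truncation goes unseen.
    prev = GENESIS
    for i, rec in enumerate(log):
        entry = {k: v for k, v in rec.items() if k != "mac"}
        if not hmac.compare_digest(_mac(key, prev, entry), rec.get("mac", "")):
            return i
        prev = rec["mac"]
    if last_mac is not None and prev != last_mac:
        return len(log)  # chain is valid but shorter than the anchored one
    return -1


def sample_log(key: bytes) -> list:
    """Constructed sample entries, not taken from any real system."""
    log: list = []
    append(log, key, "2024-01-01T09:00:00Z", "alice", "login")
    append(log, key, "2024-01-01T09:05:00Z", "alice", "modify app.conf")
    append(log, key, "2024-01-01T09:10:00Z", "bob", "read report.csv")
    return log


if __name__ == "__main__":
    key = b"constructed-demo-key"  # assumption: the real key lives off the logged host
    log = sample_log(key)
    log[1]["action"] = "read app.conf"  # simulate an edit made to hide a change
    print("first bad entry:", verify(log, key))
```

Because HMAC relies on a shared key, this gives tamper evidence rather than non-repudiation; proving which individual wrote an entry would need a digital signature per entry.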
Maintaining CIA
Why is it important?
- Maintains compliance with legislation 
- Maintains trust with internal and external stakeholders 
- Promotes positive brand image 
- Avoids security risks and unauthorised access 
Lack of CIA
Consequences
Financial 
- Regulatory fines 
- Refunds/compensation to customers 
- Loss of earnings 
Legal 
- Lawsuits 
- Termination of contract 
Reputational 
- Loss of customers 
- Damage to brand