CIA Triad

The CIA Triad is a fundamental cybersecurity model that encompasses three key principles for protecting information systems and data: Confidentiality, Integrity, and Availability. This model provides a straightforward framework for designing security controls and assessing risks, ensuring that information remains protected, accurate, and accessible when needed. These principles guide organizations in securing their systems, responding to threats, and managing data protection across various environments.

Confidentiality

Confidentiality is the principle of protecting information from unauthorized access, use, or disclosure. It ensures that data is accessible only to individuals who have been explicitly granted permission to view or handle it. This protection applies whether the data is stored, processed, or transmitted. 

To maintain confidentiality, organizations store data in secure locations and use access controls such as passwords, file permissions, encryption, and authentication systems. They implement policies and technical safeguards to prevent sensitive information from being accessed by unauthorized users, accidentally exposed, or intentionally leaked. 

Overall, confidentiality ensures that private or sensitive data remains “hidden” from unauthorized users, keeping it safe in a controlled, secure environment.

Example

Access is restricted so that only the file owner can read and write the file.

chmod # change file permissions command
600 # owner read/write only, no permissions for group or others
file.txt # target file to apply permissions

chmod 600 file.txt
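The following is an added example, not part of the original page, showing the `chmod 600` control in context: files are created under the common 022 umask (mode 644), the sensitive one is restricted to the owner, and a small audit then reports any file in the directory that still has group or other permission bits. It assumes GNU coreutils (`stat -c '%a'`); the file names and contents are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the original page): lock a file down with chmod 600
# as described above, then audit a directory for files that are NOT owner-only.
# Assumes GNU coreutils (stat -c '%a'); file names and contents are constructed.

# owner_only FILE: succeed only if the group and others octal digits are both 0
owner_only() {
    mode=$(stat -c '%a' "$1") || return 1
    case "$mode" in
        *00) return 0 ;;   # e.g. 600 or 700: nothing granted to group/others
        *)   return 1 ;;
    esac
}

# audit_dir DIR: one line per regular file, flagging any exposed to group/others
audit_dir() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        mode=$(stat -c '%a' "$f")
        if owner_only "$f"; then
            echo "OK:   $(basename "$f") mode $mode"
        else
            echo "WARN: $(basename "$f") mode $mode is exposed to group/others"
        fi
    done
}

# demo: create two files under umask 022 (mode 644), restrict only the
# sensitive one with chmod 600, then audit the directory
demo() {
    tmp=$(mktemp -d)
    (
        umask 022
        printf 'api_token=CONSTRUCTED-PLACEHOLDER\n' > "$tmp/secret.txt"
        printf 'public release notes\n' > "$tmp/notes.txt"
    )
    chmod 600 "$tmp/secret.txt"
    audit_dir "$tmp"
    rm -rf "$tmp"
}

demo
```

The audit is the part worth keeping: a single `chmod` fixes one file, while a periodic check of the directory catches the next file that is created with the default mode.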

Integrity

Integrity is the principle that ensures data remains accurate, complete, and trustworthy throughout its lifecycle. It means that information should not be altered, deleted, or manipulated by unauthorized users, whether intentionally or accidentally. When data integrity is maintained, users can trust that the information is correct and consistent. 

To protect integrity, systems employ controls such as permissions, checksums, hashing, audit logs, and version control. These mechanisms help detect or prevent unauthorized changes, ensuring that any data modifications are tracked and approved. 

Overall, integrity guarantees that data remains reliable and unchanged unless properly authorized, making it trustworthy for decision-making and operations.

Example

A hash value is generated to verify that the file contents have not changed.

sha256sum # command to compute SHA-256 hash of a file
message.txt # target file whose integrity is being checked

sha256sum message.txt
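As an added example that is not part of the original page, the script below carries the `sha256sum` idea through to an actual integrity check: it records a baseline hash, verifies the file against it with `sha256sum -c`, then changes one character and shows that verification fails. It assumes GNU coreutils (`sha256sum --status -c`); the file name and contents are constructed.

```shell
#!/bin/sh
# Added example (not from the original page): record a SHA-256 baseline for a
# file, verify it, then alter one character and show that verification fails.
# Assumes GNU coreutils (sha256sum -c --status). File contents are constructed.

# record_baseline DIR FILE: store "<hash>  <file>" in DIR/FILE.sha256
record_baseline() {
    ( cd "$1" && sha256sum "$2" > "$2.sha256" )
}

# verify_baseline DIR FILE: exit 0 if the current hash matches the baseline
verify_baseline() {
    ( cd "$1" && sha256sum --status -c "$2.sha256" )
}

# demo: prints "<result before tampering> <result after tampering>" on stdout
# and the two (truncated) hashes on stderr so the change is visible
demo() {
    tmp=$(mktemp -d)
    printf 'pay 100 to account A\n' > "$tmp/message.txt"
    record_baseline "$tmp" message.txt
    before=$(sha256sum "$tmp/message.txt" | cut -c1-16)   # first 16 hex chars

    if verify_baseline "$tmp" message.txt; then r1=OK; else r1=MODIFIED; fi

    # a one-character change: 100 -> 900
    printf 'pay 900 to account A\n' > "$tmp/message.txt"
    after=$(sha256sum "$tmp/message.txt" | cut -c1-16)

    if verify_baseline "$tmp" message.txt; then r2=OK; else r2=MODIFIED; fi

    echo "hash before: $before..." >&2
    echo "hash after:  $after..." >&2
    rm -rf "$tmp"
    echo "$r1 $r2"
}

demo
```

A plain hash only detects change; it does not say who made it. Anyone who can rewrite the file can usually rewrite the `.sha256` file beside it too, so the baseline belongs on a separate host or read-only medium, or it should be signed, which is what the Authenticity section covers.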

Availability

Availability is the principle that ensures data and systems are accessible to authorized users whenever necessary. This means that information, applications, and services should be reliably accessible without unnecessary delays or downtime. 

To maintain availability, organizations implement measures such as backups, redundancy, failover systems, load balancing, and disaster recovery plans. These controls ensure that even if hardware fails, networks go down, or unexpected incidents occur, users can still access the data they are authorized to use. 

Overall, availability ensures that information is readily accessible to the right people at the right time, supporting continuous, reliable operations.

Example

The status of a web service is checked to ensure it is running and available for users.

systemctl # systemd command to control and manage services
status # check the current state of a service
apache2 # the Apache web server service being checked

systemctl status apache2

Authenticity

Authenticity is the principle that guarantees data, users, or systems are genuine and verifiable as coming from a trusted and legitimate source. It ensures that information has not been falsified or impersonated and that communication or data originates from the claimed sender.

To maintain authenticity, systems employ various methods such as digital signatures, certificates, multi-factor authentication, cryptographic keys, and identity verification protocols. These mechanisms help validate identities and ensure that interactions between users and systems are trustworthy.

Overall, authenticity enables you to trust the source of the data or user you are interacting with, preventing impersonation and the spread of fake or misleading information.

Example

A digital signature is verified to confirm the sender’s identity.

gpg # GNU Privacy Guard tool used for encryption and signature verification
--verify # option to verify a digital signature
signed_message.txt.sig # signature file used to confirm authenticity
message.txt # original file being verified against the signature

gpg --verify signed_message.txt.sig message.txt

Non-repudiation

Non-repudiation is a security principle that guarantees an individual or system cannot deny having performed a specific action. It provides proof of both origin and integrity, allowing actions such as sending messages, approving transactions, or modifying data to be reliably attributed to a specific actor.

To achieve non-repudiation, systems employ mechanisms like digital signatures, cryptographic keys, audit logs, timestamps, and secure authentication records. These tools generate verifiable evidence that a particular user or system executed a specific action and that the action has not been altered afterward.

Overall, non-repudiation ensures accountability by making it impossible for someone to credibly deny their actions within a system.

Example

A digital signature is created to prove who signed the file.

gpg # GNU Privacy Guard tool for encryption and signing
--sign # create a digital signature to prove authorship and ensure integrity
message.txt # file being signed to provide proof of origin and non-repudiation

gpg --sign message.txt
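The script below is an added example, not part of the original page, and serves both this section and the Authenticity section above: it generates a throwaway signing key in a temporary GNUPGHOME (so no real keyring is touched), produces a detached signature with `gpg --detach-sign`, verifies it with `gpg --verify`, then alters the signed file by one character and shows that the same signature no longer verifies. It assumes GnuPG 2.1 or later (for `--quick-gen-key` and `--pinentry-mode loopback`); the key owner `Alice <alice@example.test>` and the message text are constructed.

```shell
#!/bin/sh
# Added example (not from the original page): sign a file, verify the
# signature, then show that tampering breaks it. A throwaway key lives in a
# temporary GNUPGHOME so a real keyring is never touched.
# Assumes GnuPG 2.1+; the identity "Alice <alice@example.test>" is constructed.

# sign_verify_demo: prints "<verdict on genuine file> <verdict on altered file>"
sign_verify_demo() {
    tmp=$(mktemp -d)
    export GNUPGHOME="$tmp/gnupg"
    mkdir -m 700 "$GNUPGHOME"

    # 1. throwaway signing key: batch mode, empty passphrase, never expires
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-gen-key 'Alice <alice@example.test>' default default never 2>/dev/null

    printf 'approve payment 42\n' > "$tmp/message.txt"

    # 2. detached signature: proof of origin bound to this exact content
    gpg --batch --quiet --yes --local-user alice@example.test \
        --output "$tmp/message.txt.sig" --detach-sign "$tmp/message.txt" 2>/dev/null

    # 3. verify the genuine file (authenticity: it came from Alice's key)
    if gpg --batch --quiet --verify "$tmp/message.txt.sig" "$tmp/message.txt" 2>/dev/null; then
        genuine=VALID
    else
        genuine=INVALID
    fi

    # 4. alter one character and verify again: the signature no longer matches
    printf 'approve payment 43\n' > "$tmp/message.txt"
    if gpg --batch --quiet --verify "$tmp/message.txt.sig" "$tmp/message.txt" 2>/dev/null; then
        tampered=VALID
    else
        tampered=INVALID
    fi

    # tidy up the agent started for the temporary home, then the files
    gpgconf --kill gpg-agent 2>/dev/null || true
    rm -rf "$tmp"
    unset GNUPGHOME
    echo "$genuine $tampered"
}

sign_verify_demo
```

The verdict on the genuine file establishes authenticity (the signature was made with Alice's private key) and integrity (the content is what she signed); non-repudiation follows only if that private key was hers alone and the signature and verification result are retained as evidence, which is why keys are normally passphrase-protected or kept in hardware rather than generated with an empty passphrase as this demo does.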