CIA Triad

Pasted image 20250425161410.png

Definition

The CIA Triad is the fundamental framework for thinking about data security. It can be broken up into Confidentiality, Integrity, and Availability. It is the common model at the basis of developing security systems

Confidentiality

This boils down to keeping information from being access by those who are unauthorized. Not all data needs to be confidential it is up to the discretion of the owner. However, when data should be it shouldn't be accessed by anyone who isn't given express permission to view it.

Integrity

Data should be kept current, correct, and accurate. This also means that your data should not be altered by anyone who is not authorized to edit it. (Alice and Bob Learn Application Security)

Availability

This pillar means that data should be able to be reached whenever someone wants access to it.