

Monday, August 6, 2007

CIA triad

From Wikipedia, the free encyclopedia

CIA triad is a widely-used information assurance (IA) model which identifies confidentiality, integrity and availability as the fundamental security characteristics of information. The three characteristics of the idealized model are also referred to as IA services, goals, aims, tenets or capabilities.

Confidentiality is assurance of data privacy. Only the intended and authorized recipients (individuals, processes or devices) may read the data. Disclosure to unauthorized entities, for example through unauthorized network sniffing, is a confidentiality violation.

Cryptography is the art and science of storing and transmitting confidential data.

Integrity is assurance of data non-alteration. Data integrity is having assurance that the information has not been altered in transmission, from origin to reception. Source integrity is the assurance that the sender of that information is who it is supposed to be. Data integrity can be compromised when information has been corrupted or altered, willfully or accidentally, before it is read by its intended recipient. Source integrity is compromised when an agent spoofs its identity and supplies incorrect information to a recipient.

Digital Signatures and hash algorithms are mechanisms used to provide data integrity.
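As an added example of the two kinds of integrity just described (this code is not from the article): a hash lets the receiver detect that the bytes changed in transit, and a keyed hash (HMAC) additionally ties the data to a holder of the shared key, so a spoofed message from an agent that lacks the key is rejected. The helper names, the shared key and the sample message are assumptions of the example. One caveat the article does not spell out: a bare hash only catches accidental corruption, because an attacker who can replace the data can recompute the hash; the hash has to be protected by a key (as here) or a signature to count as an integrity control against an adversary.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Digest returns the hex SHA-256 of data. On its own it detects unintended
// corruption; it does not stop an attacker who can rewrite both data and digest.
func Digest(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// Tag computes HMAC-SHA256 over data with a key shared by sender and receiver.
// Nobody without the key can produce a valid tag, so a verified tag gives the
// receiver both data integrity and source integrity.
func Tag(key, data []byte) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write(data)
	return mac.Sum(nil)
}

// VerifyTag compares a received tag in constant time, so response timing does
// not leak how many leading bytes of a guessed tag were correct.
func VerifyTag(key, data, tag []byte) bool {
	return hmac.Equal(Tag(key, data), tag)
}

func main() {
	// Constructed demo key and message; use a random key from a key store in practice.
	key := []byte("constructed demo key")
	msg := []byte("transfer 100 to account 42")

	// Data integrity: changing a single byte changes the digest.
	tampered := append([]byte{}, msg...)
	tampered[9] = '9' // "transfer 900 to account 42"
	fmt.Println("original digest:", Digest(msg))
	fmt.Println("tampered digest:", Digest(tampered))
	fmt.Println("digest differs after alteration:", Digest(msg) != Digest(tampered))

	// Source integrity: the receiver accepts a tag made with the shared key...
	tag := Tag(key, msg)
	fmt.Println("genuine message accepted:", VerifyTag(key, msg, tag))
	// ...rejects the altered message under the original tag...
	fmt.Println("tampered message rejected:", !VerifyTag(key, tampered, tag))
	// ...and rejects a spoofer's tag computed with a guessed key.
	spoofed := Tag([]byte("guessed key"), msg)
	fmt.Println("spoofed tag rejected:", !VerifyTag(key, msg, spoofed))
}
```

An HMAC proves the message came from someone holding the key, which is enough for source integrity between two parties. It does not by itself give non-repudiation, since the receiver holds the same key and could have produced the tag; that needs a signature.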

Availability is assurance in the timely and reliable access to data services for authorized users. It ensures that information or resources are available when required. Most often this means that the resources are available at a rate which is fast enough for the wider system to perform its task as intended. It is certainly possible that confidentiality and integrity are protected, but an attacker causes resources to become less available than required, or not available at all. See Denial of Service (DoS).

High availability protocols, fully redundant network architectures and system hardware without any single points of failure ensure system reliability and robustness.

Augmentations to the CIA Triad
There have been attempts to augment the CIA triad with concepts such as accountability, non-repudiation, authentication, value, intended use (utility) and others.[1] The triad, being a very simple model with narrow application, cannot adequately describe many important security objectives. Therefore, augmentations may be an effort to broaden the applicability of the model. There is a perceptible incongruity, however, between the triad, which identifies fundamental security characteristics of information; augmentations, which identify security characteristics of processes (e.g. trusting, sharing, using or evaluating); and loss of control, otherwise known as theft. Newer models are the Parkerian hexad and Security in Context from the Information Security Management Maturity Model.

Some common augmentations to the triad are:

Accountability is assurance in tracing all activities to a responsible and authorized individual or process within a reasonable amount of time and without undue difficulty.


Non-Repudiation is assurance that:

* The sender of data is provided with proof of delivery
* The recipient is provided with proof of the sender's identity

In this case neither can later deny having processed the data. In e-commerce and legal terms this prevents the sender, an online vendor for example, from being obliged to ship replacement goods to a malicious customer who denies receiving the original data. The non-repudiation of sourcing information means that the sender can't deny submitting the information. This prevents the sender from anonymously spoofing messages with malicious intent.
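An added example of both halves of non-repudiation as defined above (this code is not from the article): each party signs with a private key that only it holds, so the other party, or a later arbiter, can verify the signature with the public key and neither can deny what it signed. The vendor signs the data it sends (proof of the sender's identity to the recipient), and the customer signs a receipt for it (proof of delivery to the sender). The helper names NewKeyPair, Sign and Verify, and the sample invoice, are assumptions of the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// NewKeyPair generates a fresh Ed25519 key pair for one party. The private
// key never leaves that party; the public key is shared with everyone.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // a failing system RNG is not recoverable here
	}
	return pub, priv
}

// Sign produces a signature over msg that only the private-key holder can make.
func Sign(priv ed25519.PrivateKey, msg []byte) []byte {
	return ed25519.Sign(priv, msg)
}

// Verify lets the recipient, or any third party holding the signer's public
// key, confirm that sig was made over exactly msg by the matching private key.
func Verify(pub ed25519.PublicKey, msg, sig []byte) bool {
	return ed25519.Verify(pub, msg, sig)
}

func main() {
	vendorPub, vendorPriv := NewKeyPair()
	customerPub, customerPriv := NewKeyPair()

	// Constructed sample: the vendor delivers a signed invoice to the customer.
	invoice := []byte("invoice #1001: 3 widgets, 60.00, deliver to 1 Example St")
	invoiceSig := Sign(vendorPriv, invoice)

	// Proof of the sender's identity: the customer checks the vendor's signature.
	// The vendor cannot later deny having sent this invoice, and nobody else
	// could have spoofed it without the vendor's private key.
	fmt.Println("customer accepts invoice from vendor:", Verify(vendorPub, invoice, invoiceSig))

	// Proof of delivery: the customer signs a receipt naming what was received,
	// and the vendor stores (receipt, receiptSig) as evidence. The customer
	// cannot later deny receiving the invoice.
	receipt := append([]byte("received: "), invoice...)
	receiptSig := Sign(customerPriv, receipt)
	fmt.Println("vendor holds valid receipt:", Verify(customerPub, receipt, receiptSig))

	// Neither side can fabricate the other's evidence...
	forgedReceipt := Sign(vendorPriv, receipt)
	fmt.Println("vendor-forged receipt rejected:", !Verify(customerPub, receipt, forgedReceipt))
	// ...nor change the content after it was signed.
	altered := []byte("invoice #1001: 30 widgets, 60.00, deliver to 1 Example St")
	fmt.Println("altered invoice rejected:", !Verify(vendorPub, altered, invoiceSig))
}
```

The difference from a shared-key MAC is what makes this non-repudiation rather than just source integrity: with a MAC the recipient holds the same key and could have produced the tag, so the evidence convinces nobody else; with a signature only the signer's private key could have produced it.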

Authentication is the process to verify the identity of an individual, a computer, a computer program, or similar.

Utility means usefulness. For example, suppose someone encrypted data on disk to prevent unauthorized access or undetected modifications (encryption of data-at-rest) and then lost the decryption key. This is a breach of utility. The data is confidential, controlled, integral, authentic and available – but it is just not useful. Similarly, conversion of salary data from one currency into an inappropriate currency would be a breach of utility if the substitution made it more difficult to interpret the data. Another example is the storage of data in a format inappropriate for a specific computer architecture, like EBCDIC instead of ASCII. A tabular representation of data substituted for a graph could be described as a breach of utility since the substitution makes it difficult to interpret the data. Utility is often confused with availability because breaches such as those described in the examples may also require time to work around, converting the data back into a useful form.

Suppose a thief were to steal a sealed envelope containing a bank debit card and somehow its personal identification number (PIN). Even if the thief did not open that envelope, the victim of the theft would legitimately be concerned that he or she could do so at any time without the owner's control. That situation illustrates a loss of control or possession of information, but does not involve the breach of confidentiality.

Variations on the Mnemonic
Other mnemonic variations are in use to represent the CIA triad. This is done to avoid confusion with the acronym for the U.S. Central Intelligence Agency (CIA).

Another mnemonic is PAIN:

* Privacy = Confidentiality
* Availability/Authentication
* Integrity
* Non-Repudiation

The CIA triad is sometimes also referred to, in reverse order, as the AIC triad.

“ ...the high-level security goals most often specified are that the system should prevent unauthorized disclosure or theft of information, should prevent unauthorized modification of information, and should prevent denial of service. ”

A Comparison of Commercial and Military Computer Security Policies, Clark-Wilson, 1987

In a 1987 survey document comparing commercial and U.S. Department of Defense (DoD) computer security by David D. Clark and David R. Wilson, the authors introduced the concept of the computer security integrity model. The paper formalizes the notion of information integrity, in contrast to the DoD Orange Book's emphasis on security labels and classification, i.e. its treatment of security as confidentiality. Clark and Wilson argue that the existing computer security models such as Bell-LaPadula and Biba were better suited to enforcing data confidentiality than information integrity.

1 comment:

Anonymous said...

Hi there,

I just found your blog and just thought it may be of some interest to you to know, a while back I managed to find a British labels company who printed a batch of financial security labels for me at a really low cost. They do all types of security labels prints so it may be worth taking a look at their site.