Network Security - CIA Triad

1. Confidentiality

Definition:
Confidentiality ensures that sensitive information is accessible only to authorized users and is kept secret from unauthorized individuals.

Purpose:

  • Protects private data such as passwords, financial information, medical records, or business secrets.

  • Prevents unauthorized disclosure of information.

Techniques to Ensure Confidentiality:

  1. Encryption: Converts data into unreadable code for unauthorized users.

    • Example: AES, RSA encryption.

  2. Access Control: Restricts who can access data or resources.

    • Example: Role-Based Access Control (RBAC), Access Control Lists (ACLs).

  3. Authentication: Verifies user identity before granting access.

    • Example: Passwords, biometrics, OTPs.

  4. Data Classification: Categorizes data based on sensitivity and restricts access accordingly.

Example in Practice:

  • Only HR personnel can view employee salaries in a company database.

2. Integrity

Definition:
Integrity ensures that data is accurate, complete, and unaltered from its original form during storage or transmission.

Purpose:

  • Prevents unauthorized modification of data.

  • Ensures users can trust the information they receive.

Techniques to Ensure Integrity:

  1. Hash Functions: Generates a unique code (hash) for data; any change in data changes the hash.

    • Example: SHA-256, MD5.

  2. Digital Signatures: Verifies the authenticity and integrity of a message or document.

  3. Checksums and Error Detection Codes: Detects accidental or intentional alterations during transmission.

  4. Version Control: Tracks changes in files to prevent unauthorized modifications.

Example in Practice:

  • A bank ensures that a transaction amount is not altered while being sent over the network.

3. Availability

Definition:
Availability ensures that network resources, systems, and data are accessible to authorized users whenever needed.

Purpose:

  • Prevents disruptions in service or access to critical systems.

  • Ensures business continuity and reliability.

Techniques to Ensure Availability:

  1. Redundancy: Backup servers, network paths, and storage to handle failures.

  2. Fault Tolerance: Systems that continue functioning even if part of the system fails.

  3. Regular Backups: Protects against data loss.

  4. Denial-of-Service (DoS) Protection: Prevents attacks that aim to make services unavailable.

  5. Disaster Recovery Planning: Procedures to restore operations quickly after an incident.

Example in Practice:

  • A cloud service ensures users can access their files 24/7, even during server failures.