CIA = Confidentiality of information, Integrity of information, Availability of information.
This model is designed to guide policies for information security in organization.Each field is
seperately identified and respective protective measures are listed.Any breach in anyof the three
fields will cause serious consequences to the parties involved.
Confidentiality:
Confidentiality can be called privacy.In todays world everyone has sensitive information which
can be a problem if fell into wrong hands. Only the authorized person must be able to view the
data while restricting the third parties to share the information.It is not much difficult to acheive
this but one problem is to be considered. If we allow tough measures the original trusted user
might face difficulties to view his information. so the rules should be friendly for the approriate
verified user as well.
Cryptography and Encryption methods are an example of an attempt to ensure confidentiality of
data trasferred from one computer to another. Nowadays passwords and 2 factor authentication is
being used. But addition to that there are biometric verifications,storing on truecrypt
volumes,honey pots to divert intrusion attacks,security tokens,soft tokens,SSL/TLS ( for safe
commuication across network),etc
Integrity:.
Integrity involves maintaining consistency,accuracy,trustworthiness of data over its entire life
cycle. Information is only worth if its true and there are many attackers in the net who change the
details of a secured file so that it looses its value.
measures which can develop integrity are using file permissions and user access
controls,digitally signing the data, hashing the data and sending it to the receiver to compare it
with the received information using cryptography,using checksums or crptographic checksums.
There should also be a facility to repair the damaged information by using strong and secure
backup mechanism.
Availability:
This ensures that the user can get his/her information whenever he needs it. The main aim of
security is to safeguared the authorized user\'s data and ensure that he gets his data at all times is
crucial. some attacks mainly focusses on denying the user his access.this type of attacks are
DDOS attacks.Some parties might try to block some company\'s resources to the users so that
they can have more sales.Not only attackers natural disasters also might cause losing the data and
denying the user his right to get his data when needed.
The best solution is using offsite backups and ensuring the downtime to retreive is less.firewalls
and proxies can help the tackling of dos attacks (denial of service attacks), allowing redundency
for high important information can also help.
Solution
CIA = Confidentiality of information, Integrity of information, Availability of information.
This model is designed to guide policies for information security in organization.Each field is
seperately identified and respective protective measures are listed.Any bre.
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
CIA = Confidentiality of information, Integrity of information, Avai.pdf
1. CIA = Confidentiality of information, Integrity of information, Availability of information.
This model is designed to guide policies for information security in organization.Each field is
seperately identified and respective protective measures are listed.Any breach in anyof the three
fields will cause serious consequences to the parties involved.
Confidentiality:
Confidentiality can be called privacy.In todays world everyone has sensitive information which
can be a problem if fell into wrong hands. Only the authorized person must be able to view the
data while restricting the third parties to share the information.It is not much difficult to acheive
this but one problem is to be considered. If we allow tough measures the original trusted user
might face difficulties to view his information. so the rules should be friendly for the approriate
verified user as well.
Cryptography and Encryption methods are an example of an attempt to ensure confidentiality of
data trasferred from one computer to another. Nowadays passwords and 2 factor authentication is
being used. But addition to that there are biometric verifications,storing on truecrypt
volumes,honey pots to divert intrusion attacks,security tokens,soft tokens,SSL/TLS ( for safe
commuication across network),etc
Integrity:.
Integrity involves maintaining consistency,accuracy,trustworthiness of data over its entire life
cycle. Information is only worth if its true and there are many attackers in the net who change the
details of a secured file so that it looses its value.
measures which can develop integrity are using file permissions and user access
controls,digitally signing the data, hashing the data and sending it to the receiver to compare it
with the received information using cryptography,using checksums or crptographic checksums.
There should also be a facility to repair the damaged information by using strong and secure
backup mechanism.
Availability:
This ensures that the user can get his/her information whenever he needs it. The main aim of
security is to safeguared the authorized user's data and ensure that he gets his data at all times is
crucial. some attacks mainly focusses on denying the user his access.this type of attacks are
DDOS attacks.Some parties might try to block some company's resources to the users so that
they can have more sales.Not only attackers natural disasters also might cause losing the data and
denying the user his right to get his data when needed.
The best solution is using offsite backups and ensuring the downtime to retreive is less.firewalls
and proxies can help the tackling of dos attacks (denial of service attacks), allowing redundency
for high important information can also help.
2. Solution
CIA = Confidentiality of information, Integrity of information, Availability of information.
This model is designed to guide policies for information security in organization.Each field is
seperately identified and respective protective measures are listed.Any breach in anyof the three
fields will cause serious consequences to the parties involved.
Confidentiality:
Confidentiality can be called privacy.In todays world everyone has sensitive information which
can be a problem if fell into wrong hands. Only the authorized person must be able to view the
data while restricting the third parties to share the information.It is not much difficult to acheive
this but one problem is to be considered. If we allow tough measures the original trusted user
might face difficulties to view his information. so the rules should be friendly for the approriate
verified user as well.
Cryptography and Encryption methods are an example of an attempt to ensure confidentiality of
data trasferred from one computer to another. Nowadays passwords and 2 factor authentication is
being used. But addition to that there are biometric verifications,storing on truecrypt
volumes,honey pots to divert intrusion attacks,security tokens,soft tokens,SSL/TLS ( for safe
commuication across network),etc
Integrity:.
Integrity involves maintaining consistency,accuracy,trustworthiness of data over its entire life
cycle. Information is only worth if its true and there are many attackers in the net who change the
details of a secured file so that it looses its value.
measures which can develop integrity are using file permissions and user access
controls,digitally signing the data, hashing the data and sending it to the receiver to compare it
with the received information using cryptography,using checksums or crptographic checksums.
There should also be a facility to repair the damaged information by using strong and secure
backup mechanism.
Availability:
This ensures that the user can get his/her information whenever he needs it. The main aim of
security is to safeguared the authorized user's data and ensure that he gets his data at all times is
crucial. some attacks mainly focusses on denying the user his access.this type of attacks are
DDOS attacks.Some parties might try to block some company's resources to the users so that
they can have more sales.Not only attackers natural disasters also might cause losing the data and
denying the user his right to get his data when needed.
The best solution is using offsite backups and ensuring the downtime to retreive is less.firewalls
3. and proxies can help the tackling of dos attacks (denial of service attacks), allowing redundency
for high important information can also help.