The CIA model focuses on confidentiality, integrity, and availability as key principles for information security. Confidentiality prevents unauthorized disclosure of information, integrity ensures data has not been altered without authorization, and availability ensures authorized users have access to required resources when needed. The CIA triad provides a simple but comprehensive checklist to evaluate security procedures and determine if one of the three aspects is insufficient. It can also be used to review security incidents and determine what went wrong or succeeded. Maintaining all three principles is important for any cloud or information system.

1. CLOUD SECURITY
CIA SECURITY MODEL
CONFIDENTIALITY, INTEGRITY & AVAILABILITY

2. WHAT IS THE CIA MODEL?
• A simple but widely applicable security model is CIA triad. Stands for..
• C Confidentiality
• I Integrity
• A Availability
• This three key principles should be guaranteed in any cloud/information system.
• CIA triad of information security is the important pillar of cloud software assurance.
• This approach applies to the whole field of security analysis, from access to a user's online
history to the protection of encrypted data sent over the internet.
• Breaching any of the three may have severe effects for the individuals involved in the
system.

4. CONFIDENTIALITY
1. Confidentiality is the prevention of the planned or accidental unauthorized
leaking of information.
2. Direct attacks on systems, apps, and databases to extract or modify data
compromise confidentiality.
3. To maintain confidentiality, solutions include data category and labelling,
powerful access controls and authentication, data encryption, intellectual
property rights , covert channels, traffic analysis, and proper education and
training for all users with data access.

5. INTEGRITY
1. Integrity is the guarantee that data has not been compromised and can thus be
trusted upon.
2. Integrity adds to the reliability of data by guaranteeing that information is in the
proper state and has not been altered without authorization or unauthorized
modifications to data are not made by the authorized personel too .
3. Data integrity safeguards include encryption, hashing, digital signatures, and
digital certificates.

6. AVAILABILITY
1. Availability guarantees that authorized users have consistent and timely
access to required resources(data)by the authorized personel.
2. It also ensures that the systems are functioning properly when needed.
3. Denial-of-service is a threat to availability. In this, the system ,application or
data are not accessible when it is required.
4. Preventive measures must be taken to get rid of “denial-of-service” such as
regular software patching, system upgrades, backups.

7. WHY SHOULD WE USE CIA?
1. The CIA triad provides a simple yet comprehensive high-level checklist for the
evaluation of our security procedures and tools.
2. An information security system that is lacking in one of the three aspects of the
CIA triad is insufficient.
4. After a bad incidence, the CIA triad is also useful for reviewing what went wrong
and what succeeded.

8. THANK YOU
CREATED BY - SHRINJON KABASI
B.SC COMPUTER SCIENCE(H), 5TH SEMESTER
BHAIRAB GANGULY COLLEGE