The CIA Triad is a benchmark model for information security, to monitor and evaluate how an organisation handles data when stored, transmitted or processed.
The CIA triad stands for
- Confidentiality: The critical data must remain confidential and no unauthorised access should be allowed to the data, the attack against confidentiality is disclosure attacks. Encryption is used to provide confidentiality.
- Integrity: The organisation’s data should not be modified in any way, by an unauthorised party, the data should stay in its intended state. Attack against integrity is alteration attack. Hashing is used to provide integrity of data.
- Availability: The data should be available to the authorised users when required, the attack against availability is destruction attack. Technologies like load balancing etc, are used to make the data available and prevent it from destruction attack.