--Originally published at Mr. Robot's Imaginary Friend
In this post I will be exploring about one of the fundamental concepts of security that should be familiar with most security professionals or students, that is common known as the CIA triad.
In this context CIA is not referring to Central Intelligence Agency. CIA means Confidentiality, Integrity and Availability, many security measures are designed to protect one or more of these.
Confidentiality
If you talk about confidentiality of information, you are talking about protecting the information from been access by someone unauthorized.
As I have said before in other post information is one of the most valuable things nowadays, because bank account, personal information, government documents are things that you don’t want to be public or have no security. That’s why protecting information is a very important part of information security.
One of the simplest ways to keep something confidential is to DON’T HAVE IT ONLINE! If you really need to have this information on the Internet or your computer then the best way to protect this kind of information is encrypting, I won’t talk about this subject deeply because it’s going to be a subject for another post, when this post is publish I will add the link to it here.
Integrity
This refers to protecting information from being modified by someone without authorization.
The modification of information could be something really bad for you, if the information that is modified is your bank account, where you supposed to have $1000, but actually you “transferred” all of your money to someone’s account, prove this was a mistake will be really annoying for you.
A way to prevent this is to use GPG to digitally sign your data, files, etc. You could potentially hash all your information, but that will be a pain because to dehash it, you would
Continue reading "The Triad of Cybersecurity" →