SS1 COMPUTER STUDIES: TOPIC (SECURITY TRIAD)

 

CONFIDENTIALITY

 A common use case that any organization has is to support confidentiality. Confidentiality prevents the unauthorized disclosure of data.

METHODS USE TO ENSURE CONFIDENTIALITY

 1.      Encryption: 

2.      Access Control

3.      Steganography and Obfuscation

 

Steganography and Obfuscation: A third method you can use for confidentiality is steganography. It is the practice of hiding data within data. it is the practice of hiding data within data.

 

SECURITY TRIAD

The Confidentiality Integrity and Availability (CIA) triad is a common model that forms the basis for the development of security systems.

 

1.   CONFIDENTIALITY

2.      PROVIDE INTEGRITY

3.      AVAILABILITY

INTEGRITY

Integrity provides assurances that data has not changed. This includes ensuring that no one has modified, tampered with, or corrupted the data.

 

TWO KEY CONCEPTS RELATED TO INTEGRITY ARE:

1.    Integrity provides assurances that data has not been modified, tampered with, or corrupted.

2.    Hashing verifies integrity. A hash is simply a numeric value created by executing a hashing algorithm against a message or file.

 

TECHNIQUES USE TO DETERMINE INTEGRITY

1.    Hashing you can use hashing techniques to enforce integrity. The relevant hashing algorithms, such as Message Digest 5 (MD5), Secure Hash Algorithm (SHA), and Hash- based Message Authentication Code (HMAC). a hash is simply a number created by executing a hashing algorithm against data, such as a file or message.

 

2.    Digital Signatures, Certificates, and NonRepudiation You can also use digital signatures for integrity. A digital signature is similar in concept to a handwritten signature.

 

Availability:  Ensures that systems are up and operational when needed and often addresses single points of failure.

 

INCREASE AVAILABILITY

Availability indicates that data and services are available when needed. Organizations commonly implement redundancy and fault-tolerant methods to ensure high levels of availability for key systems. Additionally, organizations ensure systems stay up to date with current patches to ensure that software bugs don’t affect their availability.

 

Redundancy and Fault-Tolerant: Redundancy adds duplication to critical systems and provides fault tolerance. If a critical component has a fault, the duplication provided by the redundancy allows the service to continue without interruption.

A common goal of fault tolerance and redundancy techniques is to remove each single point of failure (SPOF).