CISSP Domain-1: Security and Risk Management – Confidentiality, integrity and availability

Understand and apply concepts of confidentiality, integrity and availability

Security management concepts and principles are inherent elements of a security policy and of any solution deployment; they are the basic parameters of a secure environment. Confidentiality, integrity and availability are the primary goals and objectives of a security infrastructure, and together they are referred to as the CIA Triad.

Security control effectiveness depends on how well these three core information security tenets (CIA) are implemented. Vulnerabilities and risks are also evaluated based on the threat they pose against one or more of the CIA Triad principles.

Confidentiality: This is the concept of the measures used to ensure the protection of the secrecy of data, objects or resources.


In general, for confidentiality to be maintained on a network, data must be protected from unauthorized access, use or disclosure while in storage, in process and in transit. Attacks such as capturing network traffic, stealing password files, social engineering, port scanning, shoulder surfing, eavesdropping, sniffing and escalation of privileges are focused on violating confidentiality.

Various countermeasures can be deployed or adopted to ensure confidentiality against these threats, e.g. encryption, network traffic padding, strict access control, rigorous authentication procedures, data classification and extensive personnel training.
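Two of the countermeasures just listed, data classification and strict access control, can be combined into a single fail-closed check: a subject may read an object only when its clearance dominates the object's classification label, and every decision is logged so that denied attempts are visible to monitoring. The following is an added example written for this post, not code from the original page; the classification ladder, the object inventory and the clearance table are all constructed sample data.

```python
import logging
from enum import IntEnum


# Constructed classification ladder; the numeric value gives the ordering.
class Classification(IntEnum):
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2
    SECRET = 3


# Constructed sample inventory: object name -> classification label.
OBJECTS = {
    "press-release.txt": Classification.PUBLIC,
    "org-chart.xlsx": Classification.INTERNAL,
    "customer-pii.csv": Classification.CONFIDENTIAL,
    "merger-plan.docx": Classification.SECRET,
}

# Constructed subjects: user -> clearance granted after authentication.
CLEARANCES = {
    "alice": Classification.SECRET,
    "bob": Classification.INTERNAL,
    "guest": Classification.PUBLIC,
}

log = logging.getLogger("access")


def can_read(subject: str, obj: str) -> bool:
    """Allow a read only when the subject's clearance dominates the object's label.

    Unknown subjects or objects are denied: the check fails closed rather than open.
    Every decision is logged so denied attempts can feed detection.
    """
    clearance = CLEARANCES.get(subject)
    label = OBJECTS.get(obj)
    if clearance is None or label is None:
        log.warning("DENY %s -> %s (unknown subject or object)", subject, obj)
        return False
    allowed = clearance >= label
    log.info("%s %s -> %s [clearance=%s label=%s]",
             "ALLOW" if allowed else "DENY", subject, obj, clearance.name, label.name)
    return allowed


def readable_objects(subject: str) -> list[str]:
    """Sorted list of the objects a subject is permitted to read."""
    return sorted(o for o in OBJECTS if can_read(subject, o))


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO, format="%(levelname)s %(message)s")
    for user in CLEARANCES:
        print(user, readable_objects(user))
```

The important design choice is the default: a lookup miss yields a denial, so a mislabeled object or an unknown account cannot be read by accident, and the log line records the clearance and label that drove each decision.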

Integrity: This is the concept of protecting the reliability and correctness of data.

Integrity protection prevents unauthorized alterations of data. It ensures that data remains correct, unaltered and preserved. There are three perspectives from which to evaluate integrity:

  1. Preventing unauthorized subjects from making modifications
  2. Preventing authorized subjects from making unauthorized modifications such as mistakes
  3. Maintaining the internal and external consistency of objects so that their data is a correct and true reflection of the real world and any relationship with any child, peer, or parent object is valid, consistent, and verifiable.

Attacks such as viruses, logic bombs, unauthorized access, errors in coding and applications, malicious modification, intentional replacement and system back doors are focused on violating integrity. Countermeasures include strict access control, rigorous authentication procedures, intrusion detection systems, object/data encryption, hash total verification, interface restrictions, input/function checks and extensive personnel training.
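Hash total verification is the countermeasure that directly addresses the first two perspectives above: if every record carries a keyed hash, and the batch carries a hash total, then both an unauthorized edit and an authorized user's mistake change a value that the stored tags no longer match. The example below is added for this post and is not code from the original page; it uses HMAC-SHA256 from the Python standard library, and the key and payroll-like records are constructed sample values.

```python
import hashlib
import hmac
import json

# Constructed key for the example; a real key comes from a key store, never from source.
INTEGRITY_KEY = b"example-key-do-not-use-in-production"


def canonical(record: dict) -> bytes:
    """Serialize deterministically so the same record always hashes the same way."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def protect(record: dict, key: bytes = INTEGRITY_KEY) -> dict:
    """Wrap a record with an HMAC-SHA256 tag over its canonical form."""
    tag = hmac.new(key, canonical(record), hashlib.sha256).hexdigest()
    return {"data": record, "tag": tag}


def verify(envelope: dict, key: bytes = INTEGRITY_KEY) -> bool:
    """Recompute the tag and compare in constant time; any altered field fails."""
    expected = hmac.new(key, canonical(envelope["data"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, envelope.get("tag", ""))


def hash_total(envelopes: list[dict]) -> str:
    """Hash total for a batch: one SHA-256 over every record's canonical data, in order.

    It changes if any record is altered, removed, inserted or reordered.
    """
    h = hashlib.sha256()
    for env in envelopes:
        h.update(canonical(env["data"]))
    return h.hexdigest()


# Constructed sample batch.
BATCH = [
    protect({"id": 1, "name": "alice", "amount": 1200}),
    protect({"id": 2, "name": "bob", "amount": 950}),
]


def tamper_demo() -> tuple[bool, bool, bool]:
    """Returns (all_original_ok, tampered_record_ok, tampered_total_matches).

    A copy of the batch gets one amount changed without its tag being recomputed,
    which is what an unauthorized modification (or an unlogged mistake) looks like.
    """
    baseline = hash_total(BATCH)
    tampered = [dict(env, data=dict(env["data"])) for env in BATCH]
    tampered[1]["data"]["amount"] = 9500  # modification not reflected in the tag
    return (
        all(verify(env) for env in BATCH),
        verify(tampered[1]),
        hash_total(tampered) == baseline,
    )


if __name__ == "__main__":
    print(tamper_demo())
```

Two details matter here: the keyed hash means an attacker who can rewrite the data cannot also recompute a valid tag without the key (a plain SHA-256 would not give that), and `hmac.compare_digest` avoids leaking how many leading characters of the tag matched.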

Availability: This is the concept that authorized subjects are granted timely and uninterrupted access to objects.


Availability includes efficient, uninterrupted access to objects and the prevention of denial-of-service (DoS) attacks. Availability also implies that the supporting infrastructure, including network services, communications and access control mechanisms, is working and allows authorized users to gain authorized access.

Threats to availability include device failure, software errors, environmental issues (heat, static, flooding, power loss and so on), DoS attacks, object destruction and communication interruptions. Countermeasures include designing intermediate delivery systems properly, using access controls effectively, monitoring performance and network traffic, using firewalls and routers to prevent DoS attacks, implementing redundancy for critical systems, and maintaining and testing backup systems.
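The "monitoring network traffic" and "firewalls and routers to prevent DoS" countermeasures usually come down to rate limiting: a per-client token bucket lets a flooding client exhaust only its own allowance while other authorized users keep being served. The example below is added for this post and is not code from the original page; the bucket parameters and the traffic mix (one flooding client, one normal client) are constructed, and the clock is passed in explicitly so the simulation is deterministic.

```python
from collections import defaultdict


class TokenBucket:
    """Per-client token bucket: `rate` tokens per second refill, up to `capacity`.

    Each client has its own bucket, so one client's burst cannot starve the others.
    """

    def __init__(self, rate: float, capacity: int):
        self.rate = rate
        self.capacity = capacity
        self.tokens = defaultdict(lambda: float(capacity))
        self.last_seen = {}

    def allow(self, client: str, now: float) -> bool:
        """Refill based on elapsed time, then spend one token if one is available."""
        last = self.last_seen.get(client, now)
        refill = (now - last) * self.rate
        self.tokens[client] = min(self.capacity, self.tokens[client] + refill)
        self.last_seen[client] = now
        if self.tokens[client] >= 1.0:
            self.tokens[client] -= 1.0
            return True
        return False


def simulate(requests, rate=5.0, capacity=10):
    """Run (timestamp, client) requests through one limiter.

    Returns (served, dropped) as dicts of per-client counts.
    """
    bucket = TokenBucket(rate=rate, capacity=capacity)
    served = defaultdict(int)
    dropped = defaultdict(int)
    for t, client in sorted(requests):
        if bucket.allow(client, t):
            served[client] += 1
        else:
            dropped[client] += 1
    return dict(served), dict(dropped)


# Constructed traffic: a flooder sends 100 requests in one second,
# while a normal client sends 5 requests spaced 200 ms apart over the same second.
FLOOD = [(i / 100, "flooder") for i in range(100)]
NORMAL = [(i * 0.2, "normal") for i in range(5)]
TRAFFIC = FLOOD + NORMAL


def flood_demo():
    """Served/dropped counts for the constructed traffic mix."""
    return simulate(TRAFFIC)


if __name__ == "__main__":
    served, dropped = flood_demo()
    print("served:", served)
    print("dropped:", dropped)
```

With a capacity of 10 and a refill of 5 tokens per second, the flooder receives at most its initial burst plus roughly five more in that second, and everything beyond that is dropped; the normal client, spending well under its allowance, never sees a drop. Dropped counts are the signal worth exporting to monitoring, since a client that is constantly throttled is either misbehaving or the limit is mis-sized.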
