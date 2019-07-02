In this video, you will learn to describe the CIA triad, and how confidentiality, integrity and availability are defined in the context of cyber security. Three main components of our security architecture and that's confidentiality, integrity and availability. They protect data and services within the architecture, what you don't see here also is the authentication side and the access side. We'll talk more about that a little bit later. So let's take a dive a little bit deeper into the definitions for confidentiality, integrity and availability. Is a nist level definition of confidentiality. Let's take a look at this in some detail. Preserving authorized restrictions on information, access and disclosure including means for protecting personal privacy, and proprietary information. Let's decompose this first bullet point just a little bit. So preserving authorized restrictions. Meaning that we've got control protocols that explain not only how, but what mechanisms are undertaken to have access to the information on that hand. There are authorized restrictions, these comes from the governance process. Which implies that we will protect against unauthorized restrictions. What a great denial of service attack for example to simply prevent any access at all by authorized users. We've got to preserve the governance, the protocol for access to the information. Obviously on information access and disclosure. So not only being able to read it, but being able to distribute that are under the purview of access control and maintaining confidentiality. For Bob and Alice this absolutely makes sense. So only Alice and Bob can change how they exchange information, and how they protect that. The means for protecting personal privacy in the channel before Trudy intercepts, and proprietary information we'll visit two main domains for confidentiality within the enterprise and we define a failure. A confidential loss as the unauthorized disclosure of information, guarding against improper information, modification or destruction. So this is the in channel distribution that we are protecting information. Now, interestingly enough, there's some US government agencies. They care more about integrity than they do confidentiality. Alice to Bob, so Trudy can intercept that but these government agencies have a laser focus. That Trudy can't change the message. That's the integrity side. That's the guarding against the improper information modification. Right? A terrible set of circumstances would be that Trudy in our earlier diagram, could modify a message and neither Alice nor Bob can be aware of that. So the simple let's meet for lunch today can be changed to let's meet for lunch tomorrow. One-person shows up, they feel like they are stood up, all sorts of complications occur there. So one can understand the impact to a mission of a lack of integrity. Also within the integrity side of this is the non-repudiation and authenticity components to this. Non-repudiation means that neither the sender, nor the receiver Alice nor Bob, can challenge that a transaction occurred. Well let's define what the transaction could be. In a simple part of it, it could be that the lunch invitation was extended. The message was sent. Alice can prove that the message was sent and can prove that Bob received the message. Bob can never say, "I didn't get the message," because Alice would have the proof that it was sent and it was delivered. Now that's a simple non-repudiation definition. Let's take a look at a business transaction. In a banking environment, a transfer of a $100 from a savings account to a checking account, or from Alice's account to Bob's account. Let's take a look at the second. The non-repudiations Alice can prove that she moved a $100 from her account, to Bob's account, and that Bob's aware of them. Bob could never say that a $100 was never moved. Because we have message constructs, audit records that proved in fact that Alice made the transaction. Alice can prove that those transactions occurred also so it occurs from the sender's side and the receiver's side. That's the non-repudiation parameter that we are discussing in here. The authenticity element addresses the principle that it was a legitimate transaction. So the $100 that moved from Alice's account to Bob's account was conducted by their bank. Not some third party. So this is that it is an authorized transaction, it occurred within the rules, there's no integrity violations, that's the authenticity side. The definition of an integrity failure or the integrity loss, is the unauthorized modification or destruction of information. In the larger context is that, if Trudy the interceptor, destroyed the message and prevented its delivery, that is also an integrity failure. She not only changed the message but she destroyed that. Our availability definition, this is the last of the three definitions on this. Talk about the timely and reliable access to information. Well this makes sense. Basically we talk about system reliability. The system will be available 99.99 percent of the time. That's the type of requirement that we see for system availability. The security engineer, the security professional will take that availability requirement, and be able to decompose that to the deployment architecture so that we can talk about availability for individual components, the sum of which will meet the requirement. Notice there are two components to it. Let's just take out the second one. We'll talk about the timely access to information. All right, so the ability that in this frequently as a system level requirement, that when a transaction request is put onto the channel, that the transaction response occurs within a set length of time, let's say five seconds. Now, for air traffic control radar and fire control systems, that timely access is measured in microseconds. Once again frequently part of the system requirements matrix, the reliable access component, this is the actual system availability. We are not talking about how long it takes, but in fact that it does take and so we frequently talk about percentage of availability time on this, there's a couple of other parameters that can help define reliable access but once again the security professional will take a look at these requirements and perform a requirements decomposition and then allocate those requirements to elements within the architecture. Our definition of loss availability is the disruption of access to an information system. That just makes sense that it's going to have access responsibly within a certain time limit, and in fact that the transaction can occur.