blog




  • Essay / The Holy Trinity of Data Security: What You Need to Know About the CIA Triad

    The CIA Triad is the most popular reference model for information security and assurance, meaning confidentiality, integrity and availability. Sometimes affectionately called the Holy Trinity of data security, the CIA triad is also called the AIC (Availability, Integrity, Confidentiality) triad by some InfoSec experts to avoid confusion with the Central Intelligence Agency. Say no to plagiarism. Get a tailor-made essay on “Why Violent Video Games Should Not Be Banned”? Get the original essay In this model, privacy represents a set of guidelines that prevent the exposure of data to unauthorized parties by governing and limiting access to it. Integrity describes the rules that maintain the reliability and health of data and prevent unauthorized users from tampering with it. And availability promotes a state in which authorized individuals are guaranteed reliable access to information. Confidentiality In the general context, confidentiality means preventing the disclosure of data to unauthorized parties. But in strict terms, it also attempts to preserve the confidentiality and anonymity of the identity of authorized parties involved in sharing and holding data. Keeping the identities of the parties involved confidential adds to the CIA's overall triad. Since malicious actors cannot reliably recognize and identify the target, they must randomly target network participants. This in fact increases the costs associated with system compromise and strengthens its overall security. Standard measures are taken to establish privacy, including encryption, passwords, two-factor authentication, biometric verification, security tokens, etc. Some of the challenges that could compromise privacy are: encryption hacking; Man-in-the-middle attacks on plain text data; Internal leaks where data is not end-to-end encrypted; Doxxing private information of data holders; Yobicash manages and ensures privacy using an end-to-end encrypted system based on Elliptic; Curve Integrated Encryption Scheme (ECIES). This encryption system is only vulnerable to quantum attacks, which will still occur in ten to twenty years. Yobicash credentials are anonymous and untraceable, so the parties involved know exactly what is needed for a one-time data transfer. Reuse of public keys is also prohibited and enforced using anonymous credentials. Additionally, the use of public key cryptography eliminates the need to rely on insecure communication channels to create shared keys. Integrity preserves the authenticity of data throughout its lifecycle by ensuring that unauthorized parties cannot tamper with it. It also ensures that data is not corrupted due to unintentional software or hardware malfunction. Standard measures to ensure integrity include access controls, cryptographic checksums, uninterrupted power supplies and backups. Some of the challenges that could jeopardize integrity include: Tampering with plaintext data on the fly in a man-in-the-middle attack; Compromise a cloud server where end-to-end encryption is not used; Drop or reroute packets on the fly during a man-in-the-middle attack; Yobicash uses checksums to verify whether the.