The CIA triad is a guiding model of information security made up of three principles:
- Confidentiality: data can’t be accessed by unauthorized parties
- Integrity: data can’t be changed by attackers
- Availability: ensuring data and network resources are accessible to authorized users when needed.
It is sometimes pointed out that the CIA triad may not be sufficient. For example, issues like non-repudiation do not fit well with the triad.
Confidentiality
The primary way to maintain confidentiality is through encryption.
Integrity
There are various ways to ensure integrity, often involving hashing; examples include MACs and digital signatures.
Integrity is related to consistency in the ACID model of transaction processing.
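An added example (not part of the original notes) showing why integrity checks use a keyed MAC instead of a bare hash: an unkeyed digest catches accidental or message-only changes, but anyone who can replace the digest as well can recompute it. The key, messages, and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data; the key and messages are illustrative only.
KEY = b"constructed-demo-key-not-for-real-use"
ORIGINAL = b"transfer 100 to account 1234"
TAMPERED = b"transfer 900 to account 6666"


def sha256_tag(message: bytes) -> bytes:
    """Unkeyed digest: anyone can compute it for any message."""
    return hashlib.sha256(message).digest()


def hmac_tag(key: bytes, message: bytes) -> bytes:
    """Keyed MAC (HMAC-SHA256): producing a valid tag requires the key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_sha256(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(sha256_tag(message), tag)


def verify_hmac(key: bytes, message: bytes, tag: bytes) -> bool:
    # compare_digest does not stop at the first differing byte, which
    # avoids leaking how much of the tag matched through timing.
    return hmac.compare_digest(hmac_tag(key, message), tag)


def demo() -> dict:
    results = {}
    # Case 1: message changed in transit, tag untouched. Both checks catch it.
    results["hash_detects_message_only_change"] = not verify_sha256(
        TAMPERED, sha256_tag(ORIGINAL))
    results["hmac_detects_message_only_change"] = not verify_hmac(
        KEY, TAMPERED, hmac_tag(KEY, ORIGINAL))
    # Case 2: whoever changed the message also replaced the tag.
    # Unkeyed hash: the recomputed digest verifies, so the change is missed.
    results["hash_detects_replaced_tag"] = not verify_sha256(
        TAMPERED, sha256_tag(TAMPERED))
    # HMAC: a tag made without KEY (here, with a wrong key) is rejected.
    forged = hmac_tag(b"wrong-key", TAMPERED)
    results["hmac_detects_replaced_tag"] = not verify_hmac(KEY, TAMPERED, forged)
    # The untouched message with its genuine tag still verifies.
    results["hmac_accepts_original"] = verify_hmac(
        KEY, ORIGINAL, hmac_tag(KEY, ORIGINAL))
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A digital signature gives the same tamper detection with an asymmetric key pair, so the verifier does not need to hold a secret that could also create tags.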
Hashing
Availability
A main threat to availability is the DDoS attack. This can be mitigated by strategies such as redundancy, rate limiters, or load balancers.