Within security there are 3 core fundamental goals which security must provide: Availability, Integrity, and Confidentiality. These pillars create the AIC triad which is designed to serve protection for critical assets.
Availability
- ensures timely and reliable access to data and resources to authorized individuals
e.g., RAID array drives, redundant data and power lines
Integrity
- assures accuracy by restricting unauthorized modifications and creates reliability of information and systems
e.g., Hashing (data integrity), Configuration management (system integrity), Change control (process integrity)
Confidentiality
- verifies that a necessary level of secrecy has been enforced at various junctions of data processing to prevent unauthorized disclosure
e.g., Data Encryption at rest (whole disk, database encryption), Data Encryption in transit (IPSec, SSL, PPTP, SSH)
0 comments:
Post a Comment