Security Attributes in Cyber Security

The well-known security properties or attributes are:

  • Confidentiality
  • Availability
  • Integrity
  • Authentication
  • Authorization
  • Non-repudiation
The three properties confidentiality, integrity, and availability are generally known as CIA triad or as AIC triad. 

Confidentiality refers to the fact that the assets should be accessible to only authorized users. Confidentiality can be thought of as a part of privacy. Confidentiality can be implemented using encryption and decryption.

Integrity refers to the fact that the data or information either at transit or in the storage is complete and consistent i.e., it is not modified by any third party. Integrity can be implemented through the hash techniques.

Availability guarantees that the application or system or assets are available for use by the authorized users. What's the point if the assets are not available to use even if the user is genuine. Availability is implemented through backups, disaster and recovery mechanisms. 

Authentication allows the identification of users. It can deduce whether a user is valid or invalid. Authentication can be implemented using passwords, biometrics, etc. Authorization generally follows authentication.

 Authorization enforces access control which decides how far or up to which level has user access to. Authorization can be implemented using access control lists etc. 

Non-repudiation property ensures that a user can't deny his/her actions against the assets. Non-repudiation can be implemented using digital signatures. 



Comments

Post a Comment

Popular posts from this blog

Cybernatics

The term cyber had its origin with the word cybernatics which deals with information and its use. Cybernatics is the science that overlaps the fields of neurophysiology, information theory, computing machinery and automation
Read more

Cyber Criminals in Cyber Security

Cybercriminals are people who commit cybercrimes. Based on the motivation for committing cybercrimes, cybercriminals can be divided into three categories or types as given below: Cybercriminals who are hungry for recognition Cybercriminals who are not interested in recognition Cybercriminals who are insiders
Read more

Cyberspace

Cyberspace is "a network of computer networks or devices that uses the TCP/IP for communication to facilitate transmission and exchange of data." The term cyberspace was coined by " William Gibson" , a science fiction writer, in his Sci-fi novel, " Neuomancer ".
Read more