You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: blog1.html
+12-9Lines changed: 12 additions & 9 deletions
Original file line number
Diff line number
Diff line change
@@ -94,35 +94,37 @@ <h1>Understanding the CIA Triad (Confidentiality, Integrity, Availability)</h1>
94
94
<p><em>From my first bug bounty submission to my CNS class, the CIA Triad has been at the core of everything I’ve learned about cybersecurity.</em></p>
95
95
96
96
<h2>Introduction</h2>
97
-
<p>This semester, I have a new subject called <strong>CNS (Cryptography and Computer Networks)</strong>. The first thing my teacher taught was the goals of security — and the answer was <strong>CIA</strong>. Interestingly, I had already come across this concept while submitting my first bug report — it asked about the CIA impact, and based on that, the platform determined the severity of the bug.</p>
97
+
<p>This semester, I have a new subject called <strong>CNS (Cryptography and Computer Networks)</strong>. The first thing my teacher taught was the goals of security and the answer was <strong>CIA</strong>. Interestingly, I had also come across this concept while submitting my first bug report when it asked about the CIA impact, and based on that, the platform determined the severity of the bug.</p>
98
98
99
99
<p>You can think of the <strong>CIA Triad</strong> as a simple yet high-level checklist for evaluating security procedures and tools. It consists of three key principles — <strong>C (Confidentiality)</strong>, <strong>I (Integrity)</strong>, and <strong>A (Availability)</strong>. Let’s understand what each of these means.</p>
100
100
101
101
<h2>1. Confidentiality</h2>
102
102
<p>Confidentiality means keeping data private and accessible only to those who are authorized to see it. In other words, information should remain within the boundaries of who it’s meant for.</p>
103
103
104
-
<p>Humans, driven by curiosity, often try to access things that are intentionally hidden — but in cybersecurity, this is not about curiosity, it’s about <strong>privacy</strong> and <strong>protection</strong>. Therefore, we must ensure that data remains confidential to maintain security.</p>
104
+
<p>Humans, driven by curiosity, often try to access things that are intentionally hidden but in cybersecurity, this is not about curiosity, it’s about <strong>privacy</strong> and <strong>protection</strong>. Therefore, we must ensure that data remains confidential to maintain security.</p>
105
105
106
106
<p>In simple terms, confidentiality means only those with proper permission or authorization can access the information.</p>
107
107
108
-
<p>Some common ways to maintain confidentiality include <strong>authentication</strong>, <strong>authorization</strong>, <strong>encryption</strong>, <strong>passwords</strong>, and <strong>digital signatures</strong>. However, as defenders strengthen security, attackers continually develop new methods to exploit weaknesses — so, defenders must always stay one step ahead.</p>
108
+
<p>Some common ways to maintain confidentiality include <strong>authentication</strong>, <strong>authorization</strong>, <strong>encryption</strong>, <strong>passwords</strong>, and <strong>digital signatures</strong>. However, as defenders strengthen security, attackers continually develop new methods to exploit weaknesses. So, defenders must always stay one step ahead.</p>
109
109
110
110
<h2>2. Integrity</h2>
111
-
<p>Integrity ensures that data is trustworthy, accurate, and free from tampering. The integrity of data is maintained only if it remains authentic, reliable, and unaltered.</p>
111
+
<p>In simple terms, I am writing this blog, and I am the author. You are reading it as my blog, so you should not be allowed to make changes to it. It sounds pretty obvious but is actually quite profound if you think about it — because without integrity, the entire foundation of data and the trust that the internet is built upon would collapse. Integrity ensures that data is trustworthy, accurate, and free from tampering. The integrity of data is maintained only if it remains authentic, reliable, and unaltered.</p>
112
112
113
-
<p>If a company provides some information, users must be confident that it’s correct — otherwise, trust can be severely damaged. To preserve integrity, we must ensure that data cannot be modified by unauthorized or untrustworthy individuals.</p>
113
+
<p>If a company provides certain information, users must be confident that it’s correct; otherwise, their trust can be severely damaged. To preserve integrity, we must ensure that data cannot be modified by unauthorized or untrustworthy individuals.</p>
114
+
115
+
<p>Techniques such as <strong>hashing</strong>, <strong>encryption</strong>, <strong>digital certificates</strong>, and <strong>digital signatures</strong> help maintain data integrity. For websites, using trusted <strong>Certificate Authorities (CAs)</strong> ensures that users are visiting genuine and verified websites, preventing impersonation or tampering.</p>
114
116
115
-
<p>Techniques such as <strong>hashing</strong>, <strong>encryption</strong>, <strong>digital certificates</strong>, and <strong>digital signatures</strong> help in maintaining data integrity. For websites, using trusted <strong>Certificate Authorities (CAs)</strong> ensures that users are visiting genuine and verified websites, preventing impersonation or tampering.</p>
116
117
117
118
<h2>3. Availability</h2>
118
-
<p>Even if data is confidential and its integrity is maintained, it becomes useless if it isn’t available to those who need it. Availability ensures that systems, networks, and applications function properly and are accessible whenever required.</p>
119
+
<p>Even if data is confidential and its integrity is maintained, it becomes useless if it isn’t available to those who need it. Whatever I am saying or writing in this blog would be of no use if you weren’t able to read it. So, just as it’s important for data to be correct, it must also be available at the same time. Availability ensures that systems, networks, and applications function properly and remain accessible whenever required.</p>
119
120
120
-
<p>Individuals with authorized access should be able to retrieve information quickly and efficiently without excessive delay. In today’s digital world, downtime can cause massive losses, both financially and operationally.</p>
121
+
<p>Individuals with authorized access should be able to retrieve information quickly and efficiently without unnecessary delay. In today’s digital world, downtime can cause massive losses — both financially and operationally.</p>
121
122
122
-
<p>One major threat to availability is a <strong>Denial-of-Service (DoS)</strong> attack, where attackers overwhelm a server with excessive traffic, causing legitimate requests to fail.</p>
123
+
<p>One major threat to availability is a <strong>Denial-of-Service (DoS)</strong> attack, where attackers flood a server with excessive traffic, causing legitimate requests to fail.</p>
123
124
124
125
<p>To ensure high availability, organizations often implement <strong>redundant servers</strong>, <strong>backup networks</strong>, and <strong>failover systems</strong> — these automatically take over when the primary system is disrupted or fails.</p>
125
126
127
+
126
128
<h2>Conclusion</h2>
127
129
<p>The <strong>CIA Triad</strong> forms the foundation of all cybersecurity principles. Whether it’s protecting user data, securing websites, or assessing bug impacts, understanding <strong>Confidentiality</strong>, <strong>Integrity</strong>, and <strong>Availability</strong> helps us evaluate how secure a system truly is.</p>
128
130
@@ -133,6 +135,7 @@ <h2>Conclusion</h2>
133
135
</ul>
134
136
135
137
<p>Together, they form the <strong>core of information security.</strong></p>
0 commit comments