
CS Day 2

The document discusses information security and the CIA triad of confidentiality, integrity, and availability. It defines each concept and provides examples of how to protect them. Confidentiality ensures only authorized individuals can access information through measures like classification, encryption, and policies. Integrity means data is complete and unaltered, protected from corruption. Authentication and non-repudiation help ensure the identity of senders and receivers of information.

NIST- National Institute of Science and Technology

To be secure, information needs to be:
• Hidden from unauthorised access (Confidentiality)
• Protected from unauthorised change (Integrity)
• Available to an authorised entity when it is needed (Availability)
These three concepts form what is often referred to as the CIA triad.

Information has confidentiality when it is protected from disclosure or exposure to unauthorised individuals or systems.
Confidentiality ensures that only those with proper rights and privileges to access the information are able to do so.

To protect the confidentiality of information, several measures can be used:
• Information classification - a process in which organisations assess the data that they hold and the level of protection it should be given.
• Secure document storage and transmission.
• Application of security policies, including encryption.
• Training and awareness for information custodians and end-users.

Information has integrity when it is whole, complete and uncorrupted.
The integrity of information is threatened when the information is exposed to corruption, damage, destruction or other disruption from its authentic state.
Integrity means that changes to data need to be made only by authorised entities and through authorised mechanisms.

This paragraph may be included according to marks


additional concepts are needed to present a complete picture.

Authentication is necessary to ensure that the receiver has received the message from the actual sender and not a hacker. The receiver can authenticate the sender by sharing a common secret code word, by the sender sending a digital signature, or by use of digital certificates.

a sender’s identity and ensuring that each input arrives from a trusted source.
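The shared-secret option above, sketched as an added example that is not part of the original notes: the sender attaches an HMAC-SHA256 tag computed with the common secret, and the receiver recomputes it to check both the sender and the integrity of the message. The function names, the random key and the sample message are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample key; it plays the role of the "common secret code word".
SHARED_SECRET = secrets.token_bytes(32)


def send(message: bytes, key: bytes) -> tuple[bytes, bytes]:
    """Sender side: attach an HMAC-SHA256 tag computed with the shared secret."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return message, tag


def receive(message: bytes, tag: bytes, key: bytes) -> bool:
    """Receiver side: recompute the tag and compare it in constant time."""
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    msg, tag = send(b"PAY 100 TO ALICE", SHARED_SECRET)
    results = {
        # Unchanged message from a holder of the secret: accepted.
        "genuine": receive(msg, tag, SHARED_SECRET),
        # Integrity: the message was changed after the tag was computed.
        "altered": receive(b"PAY 900 TO ALICE", tag, SHARED_SECRET),
        # Authentication: the tag came from someone without the shared secret.
        "wrong_key": receive(*send(msg, secrets.token_bytes(32)), SHARED_SECRET),
        # Edge case: a shortened tag is rejected, not accepted as a prefix match.
        "truncated_tag": receive(msg, tag[:16], SHARED_SECRET),
    }
    # Limit of a shared secret: the receiver holds the same key and can produce
    # an identical tag, so the tag cannot show a third party who wrote the message.
    _, made_by_receiver = send(msg, SHARED_SECRET)
    results["receiver_can_make_same_tag"] = hmac.compare_digest(made_by_receiver, tag)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:28} {outcome}")
```

Because both parties can compute the same tag, a shared secret authenticates the sender only to the receiver; a digital signature made with a private key that only the sender holds is what gives proof of origin to anyone else.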
