Discussion


 

Week 7 Discussion – Confidentiality, Integrity, and Availability (CIA): the foundations of information security

(graphic source: http://epjst.epj.org/articles/epjst/abs/2012/14/epjst214008/epjst214008.html)

Confidentiality, integrity, and availability, or the CIA triad of security, is introduced in this session. These three dimensions of security may often conflict. Confidentiality and integrity often limit availability.  So, a system should provide only what is truly needed. This means that a security expert has to carefully analyze what is more important among these three dimensions of security in a system or application. 

Use this forum to provide three examples and justification:

  1. Where the confidentiality of a system is more important than the integrity or availability of that system.
  2. Where the integrity of a system is more important than the confidentiality or availability of that system.
  3. Where the availability of a system is more important than the confidentiality or integrity of that system.

For example, you might say availability is more important than integrity and confidentiality in a cell telephone system since one must be able to reach their loved ones in an emergency. Someone else might argue confidentiality/privacy is more important in such a system.