The CIA Triad and the Five Pillars of Information Assurance

The CIA Triad

• Confidentiality: Certain information is more valuable and useful if kept secret.
• Integrity: This addresses the quality of the information.
• Availability: Information should be available to authorized users as needed.

The Five Pillars of Information Assurance

Sometimes these are referred to as the Five Pillars of Cyber Security.

The DoD adds two more items to the CIA Triad.

• Authentication: This establishes the validity of a transmission or file, or provides a means to verify the sender or the authority of the receiver to receive information.
• Non-Repudiation: We need to provide proof of the sender’s identity to the recipient and we need to provide proof of delivery to the sender.

Textbook

Our textbook includes the CIA Triad but adds the following items in place of the two extra DoD items.

• Authentication: same meaning as above.
• Authorization: Demonstrate who has permission to access a given area.
• Accounting: Track events.