1.Integrity: This principle focuses on maintaining the accuracy and trustworthiness of data. It ensures that data remains unaltered and free from corruption. Key points related to integrity:

oData Accuracy: Integrity ensures that data reflects the true state of information. Any unauthorized changes or alterations are detected and prevented.

oHash Functions: Hash functions are commonly used to verify data integrity. These functions generate a fixed-size hash value (checksum) based on the original data. If any part of the data changes, the hash value will also change, indicating potential tampering.

oDigital Signatures: Digital signatures provide a way to verify the integrity of electronic documents. They use asymmetric encryption to sign data, ensuring that it has not been altered since the signature was applied.

oData Validation: Implementing input validation and proper access controls helps maintain data integrity by preventing unauthorized modifications.

2.Confidentiality and Availability:

oConfidentiality: This principle ensures that only authorized users can access sensitive data. It focuses on keeping information private and restricting access.

oAvailability: Availability ensures that authorized users can access data when needed. It prevents data from being unavailable due to system failures, attacks, or other disruptions.

3.Balancing the Triad:

oWhile all three principles are essential, they can sometimes conflict with each other. For example:

Enhancing confidentiality (e.g., strong encryption) may impact availability (e.g., longer decryption times).

Rigorous integrity checks can affect system performance.

oOrganizations must strike a balance based on their specific security requirements.

References

•CSO Online: The CIA triad: Definition, components, and examples

•Comparitech: What is the CIA triad — confidentiality, integrity, and availability?

•Preventive Approach: CIA Triad: A Comprehensive Guide for Beginners