The CID/CIA triad (Confidentiality, Integrity, Availability, also called the "CIA Triad" or "CID Model") is the fundamental model of information security, establishing the three pillars on which all cybersecurity strategies are built. Confidentiality ensures that information is accessible only to authorized persons, integrity guarantees that information is not modified in an unauthorized manner, and availability ensures that information and systems are accessible when needed. This model is the basis for risk assessment, security control design, and information security management in all organizations.

Confidentiality

Definition

Confidentiality ensures that information is only accessible by authorized persons, entities, or processes.

Characteristics

  • Access control: Only authorized users can access the information
  • Encryption: Protection of data in transit and at rest
  • Data classification: Sensitivity levels (public, internal, confidential, secret)

Protection Techniques

  • Authentication: Verify user identity
  • Authorization: Determine what each user can do
  • Encryption: Transform data into unreadable format
  • Anonymization: Remove personal identifiers

Violation Examples

  • Unauthorized access to databases
  • Communication interception
  • Credential theft
  • Social engineering

Integrity

Definition

Integrity ensures that information is not modified without authorization and maintains its accuracy and completeness.

Integrity Types

Data Integrity

  • Accuracy: Data is correct and precise
  • Completeness: No important data is missing
  • Consistency: Data is coherent between systems

System Integrity

  • Correct operation: System operates as expected
  • No unauthorized modifications: Code has not been altered
  • Secure configuration: Parameters are correct

Protection Techniques

  • Cryptographic hashes: Verify file integrity
  • Digital signatures: Authenticate origin and integrity
  • Access controls: Prevent unauthorized modifications
  • Backups: Recover data in case of corruption

Violation Examples

  • Modification of financial records
  • Source code alteration
  • Database manipulation
  • Unauthorized configuration changes

Availability

Definition

Availability ensures that information and resources are available when needed.

Availability Aspects

Uptime

  • SLA: Service level agreements
  • RTO: Recovery time objective
  • RPO: Recovery point objective

Performance

  • Latency: Response time
  • Throughput: Processing capacity
  • Scalability: Growth capacity

Protection Techniques

  • Redundancy: Backup systems
  • Load balancers: Distribute traffic
  • Clusters: Server groupings
  • CDN: Content delivery networks

Availability Threats

  • DDoS: Distributed denial-of-service attacks
  • Hardware failures: Physical problems
  • Power outages: Electrical interruptions
  • Natural disasters: Catastrophic events

Triad Balance

Common Tensions

Confidentiality vs Availability

  • Strong encryption: Increases security but may reduce performance
  • Robust authentication: Improves security but may slow access

Integrity vs Availability

  • Exhaustive validations: Improve integrity but may reduce speed
  • Frequent backups: Protect integrity but consume resources

Balance Strategies

  • Risk analysis: Evaluate specific threats
  • Data classification: Apply controls according to criticality
  • Security architecture: Design that balances the three pillars
  • Continuous monitoring: Measure and adjust controls

Practical Implementation

Confidentiality Controls

# File encryption (symmetric, passphrase-based)
gpg --symmetric --cipher-algo AES256 file.txt

# Access control: owner-only read/write, owned by the intended user and group
chmod 600 sensitive_file.txt
chown user:group sensitive_file.txt

Integrity Controls

# Generate SHA-256 hash
sha256sum file.txt

# Verify integrity: the check line is "<hash>  <filename>", separated by two spaces
echo "expected_hash  file.txt" | sha256sum -c
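Taking the sha256sum check a step further, as an added example that is not from the original page: a manifest-based integrity check that records SHA-256 hashes for a whole directory and later verifies them, catching modified, missing and newly added files. It assumes GNU coreutils and uses constructed sample files; the manifest itself must be stored out of reach of whatever could alter the monitored files, otherwise the hashes can be rewritten along with the data.

```shell
#!/bin/sh
# Added example (not from the original page): a file-integrity manifest built
# on sha256sum. Assumes GNU coreutils (sha256sum, find -print0, sort -z).
# Keep the manifest where the monitored host cannot rewrite it (read-only
# media, another host, or a signed copy); otherwise whoever can change the
# files can also "fix" the hashes.

# build_manifest DIR MANIFEST: record "hash  ./path" for every regular file.
build_manifest() {
    ( cd "$1" && find . -type f -print0 | LC_ALL=C sort -z \
        | xargs -0 sha256sum ) > "$2"
}

# verify_manifest DIR MANIFEST: return 0 only if every listed file still has
# its recorded hash AND no unlisted file has appeared. Prints the offenders.
verify_manifest() {
    dir=$1
    # sha256sum -c runs after cd, so make the manifest path absolute first.
    manifest=$(cd "$(dirname "$2")" && pwd)/$(basename "$2")
    status=0
    ( cd "$dir" && sha256sum -c --quiet "$manifest" ) || status=1
    # Detect added files: compare the listed names with what actually exists.
    listed=$(cut -d' ' -f3- "$manifest" | LC_ALL=C sort)
    actual=$(cd "$dir" && find . -type f | LC_ALL=C sort)
    if [ "$listed" != "$actual" ]; then
        echo "unlisted or missing paths:"
        printf '%s\n' "$listed" "$actual" | sort | uniq -u
        status=1
    fi
    return $status
}

# demo: constructed sample files; the clean check must pass, then an appended
# line (simulating an unauthorized change) must be caught. Returns 0 on success.
demo() {
    work=$(mktemp -d)
    mkdir "$work/etc"
    printf 'alice:admin\n' > "$work/etc/users.conf"     # constructed data
    printf 'listen 80;\n'  > "$work/etc/app.conf"       # constructed data
    build_manifest "$work/etc" "$work/manifest.sha256"
    if verify_manifest "$work/etc" "$work/manifest.sha256"; then clean=0; else clean=1; fi
    printf 'eve:admin\n' >> "$work/etc/users.conf"      # simulated tampering
    if verify_manifest "$work/etc" "$work/manifest.sha256"; then tampered=0; else tampered=1; fi
    rm -rf "$work"
    echo "clean check=$clean (want 0), after change=$tampered (want 1)"
    [ "$clean" -eq 0 ] && [ "$tampered" -eq 1 ]
}
```

Run `demo` to see the clean pass followed by the `FAILED` line for users.conf; in production, build the manifest once from a trusted state and run verify_manifest from a scheduler, alerting on a non-zero exit.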

Availability Controls

# Service monitoring
systemctl status critical_service

# Load balancer (nginx upstream block distributing traffic across two servers)
upstream backend {
    server server1:80;
    server server2:80;
}

Metrics and KPIs

Confidentiality

  • Unauthorized access attempts: Number of blocked attempts
  • Encryption coverage: Percentage of encrypted data
  • Detection time: Speed to detect unauthorized access

Integrity

  • Backup integrity: Verification that backups are complete and uncorrupted
  • Modification detection: Alerts for unauthorized changes
  • Recovery time: Speed to restore integrity

Availability

  • Uptime: Percentage of time the service is available
  • MTTR: Mean time to recovery
  • SLA compliance: Service agreement compliance

Reference Frameworks

ISO 27001

  • A.8.1: Asset management
  • A.9: Access control
  • A.10: Cryptography
  • A.12: Development security

NIST Framework

  • Identify: Identify assets and risks
  • Protect: Implement protection controls
  • Detect: Monitor and detect threats
  • Respond: Respond to incidents
  • Recover: Recover capabilities
