Confidentiality, Integrity, and Availability

Confidentiality, integrity and availability comprise the CIA triad, a model used to guide the areas of focus for computer security. These three foundational objectives drive the development of policies, form the basis for information security plans, and are the principles for developing benchmarks to assess security. Confidentiality ensures that only authorized users have access to data. Assuring that data remains in its intended state and is only edited by authorized personnel is the definition for integrity. Finally, providing the right access to systems and data when and where needed is availability. Together, the CIA triad provides a solid baseline for computer security.

There are two additional objectives that are often included in security evaluations and plans: authentication and nonrepudiation. Authentication is the process by which credentials are presented and validated to enable access. Nonrepudiation ensures authenticity such that the originator cannot deny their identity