CIA Triad (Confidentiality Integrity Availability) | Cyber Security Tutorial - Learn with VOKS

CIA Triad (Confidentiality Integrity Availability)


The CIA Triad is the foundation of cybersecurity. It describes the three main goals of protecting information:

  • Confidentiality
  • Integrity
  • Availability

Think of it like protecting a treasure chest:

  • Confidentiality → Only the right people can open it
  • Integrity → The treasure inside is not altered
  • Availability → You can access it whenever you need it

If any one of these fails, security is broken.


Confidentiality

What is Confidentiality?

Confidentiality means only authorized people can access information.

It prevents:

  • Hackers from stealing data
  • Employees from seeing data they shouldn’t
  • Sensitive information from leaking

Real-World Example

Your:

  • Bank account details
  • Passwords
  • Medical records

Should not be visible to strangers.

How Confidentiality is Achieved

1. Encryption

Data is converted into unreadable form.

Example (Python Encryption):

from cryptography.fernet import Fernet

# Generate a key
key = Fernet.generate_key()
cipher = Fernet(key)

# Encrypt data
message = b"Secret Information"
encrypted = cipher.encrypt(message)

# Decrypt data
decrypted = cipher.decrypt(encrypted)

print("Encrypted:", encrypted)
print("Decrypted:", decrypted)

If someone steals the encrypted data, they cannot read it without the key, so the key must be stored separately from the data it protects.

2. Strong Passwords

Only users with correct credentials can access systems.

3. Multi-Factor Authentication (MFA)

MFA combines two or more of these factors:

  • Something you know (password)
  • Something you have (OTP code)
  • Something you are (fingerprint)

Integrity

What is Integrity?

Integrity means data remains accurate and unaltered.

No one should:

  • Modify files
  • Change transaction amounts
  • Tamper with records

Real-World Example

Imagine transferring $100.

If someone changes it to $1000 during transmission, integrity is broken.

How Integrity is Achieved

1. Hashing

Hashing creates a unique digital fingerprint of data.

import hashlib

data = "Important Data"
hash_value = hashlib.sha256(data.encode()).hexdigest()

print("Hash:", hash_value)

If someone changes the data, the hash changes completely.

2. Digital Signatures

Used to verify:

  • The sender
  • That the message was not modified
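
The $100 transfer from the example above, worked through as an added example (not code from the original tutorial). It shows that a plain SHA-256 hash sent alongside the data can simply be recomputed by whoever alters the data, while a keyed hash (HMAC) cannot be recomputed without the secret. The key, the record fields and the function names are assumptions made for illustration; HMAC uses a shared secret, so it is not the public-key digital signature of item 2.

```python
import hashlib
import hmac
import json

# Constructed sample key (assumption): known only to the sender and the receiver.
SHARED_KEY = b"demo-key-shared-by-sender-and-receiver"


def canonical(record: dict) -> bytes:
    """Serialize deterministically so both sides hash exactly the same bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def plain_hash(record: dict) -> str:
    """Unkeyed fingerprint: anyone who has the data can compute it."""
    return hashlib.sha256(canonical(record)).hexdigest()


def keyed_tag(record: dict, key: bytes) -> str:
    """HMAC-SHA256 tag: computing it requires the secret key."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()


def demo() -> dict:
    # Constructed sample transfer record.
    original = {"from": "alice", "to": "bob", "amount": 100}
    sent_hash = plain_hash(original)
    sent_tag = keyed_tag(original, SHARED_KEY)

    # The amount is altered in transit and the unkeyed hash is recomputed to match.
    tampered = dict(original, amount=1000)
    replaced_hash = plain_hash(tampered)

    same = hmac.compare_digest  # constant-time comparison
    return {
        # Comparing against a hash obtained over a trusted channel detects the change.
        "trusted_hash_detects": not same(plain_hash(tampered), sent_hash),
        # A hash that travels with the data can be swapped, so the check passes.
        "replaced_hash_accepted": same(plain_hash(tampered), replaced_hash),
        # The HMAC tag cannot be recomputed without SHARED_KEY, so tampering is caught.
        "hmac_detects": not same(keyed_tag(tampered, SHARED_KEY), sent_tag),
        "untouched_verifies": same(keyed_tag(original, SHARED_KEY), sent_tag),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```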

Availability

What is Availability?

Availability means systems and data are accessible when needed.

Even if data is secure, it’s useless if users cannot access it.

Real-World Example

If:

  • A hospital system crashes
  • A website is down due to a DDoS attack
  • Servers fail

Availability is compromised.

A famous ransomware example that affected availability was:

  • WannaCry

It locked systems worldwide, making data unavailable.

How Availability is Achieved

1. Backups

# Create a backup of a file
cp important_file.txt backup_file.txt

2. Redundant Servers

Multiple servers ensure system uptime.

3. Protection Against DDoS Attacks
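
For the backup step in item 1, an added example (not code from the original tutorial) that goes one step beyond `cp`: it records a SHA-256 digest when the backup is made and restores only if the backup still matches it. The directory layout, the `.sha256` sidecar file and the function names are assumptions made for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large files do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def backup(src: Path, backup_dir: Path) -> Path:
    """Copy src into backup_dir, verify the copy, and record its digest."""
    backup_dir.mkdir(parents=True, exist_ok=True)
    copy = backup_dir / src.name
    shutil.copy2(src, copy)
    digest = sha256_file(src)
    if sha256_file(copy) != digest:
        raise OSError("backup copy does not match the source file")
    # Sidecar digest (assumption): in practice keep it on separate storage.
    copy.with_name(copy.name + ".sha256").write_text(digest)
    return copy


def restore(copy: Path, dest: Path) -> bool:
    """Restore only if the backup still matches the digest recorded at backup time."""
    recorded = copy.with_name(copy.name + ".sha256").read_text().strip()
    if sha256_file(copy) != recorded:
        return False
    shutil.copy2(copy, dest)
    return True


def demo() -> dict:
    content = b"constructed sample contents\n"  # constructed sample data
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "important_file.txt"
        src.write_bytes(content)
        copy = backup(src, Path(tmp) / "backups")
        src.unlink()                    # simulate losing the original
        restored_ok = restore(copy, src) and src.read_bytes() == content
        src.unlink()
        copy.write_bytes(b"corrupted")  # simulate a damaged backup
        damaged_rejected = not restore(copy, src) and not src.exists()
    return {"restored_ok": restored_ok, "damaged_rejected": damaged_rejected}
```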

How the CIA Triad Works Together

Imagine an online banking system:

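| Security Goal   | What It Protects                   | Example           |
|-----------------|------------------------------------|-------------------|
| Confidentiality | Prevents unauthorized viewing      | Encryption        |
| Integrity       | Prevents unauthorized modification | Hash verification |
| Availability    | Ensures access when needed         | Backups & uptime  |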

If one fails:

  • No confidentiality → Data leaks
  • No integrity → Data is corrupted
  • No availability → System unusable

True security requires all three.

Combined Example (Simple Demonstration)

Below is a simple script that:

  • Hashes data (Integrity)
  • Encrypts data (Confidentiality)

import hashlib
from cryptography.fernet import Fernet

# Original data
data = "CIA Triad Example"

# Integrity: Create hash
hash_value = hashlib.sha256(data.encode()).hexdigest()

# Confidentiality: Encrypt
key = Fernet.generate_key()
cipher = Fernet(key)
encrypted_data = cipher.encrypt(data.encode())

# Decrypt with the key: an authorized key holder can still read the data
decrypted_data = cipher.decrypt(encrypted_data).decode()

print("Original:", data)
print("Hash:", hash_value)
print("Encrypted:", encrypted_data)
print("Decrypted:", decrypted_data)

Compilation of All Code Blocks (Combined into One)

Below is every code example combined into a single block:

# ---------------------------------
# CIA TRIAD FULL DEMONSTRATION
# ---------------------------------

import hashlib
from cryptography.fernet import Fernet

# -----------------------------
# Confidentiality (Encryption)
# -----------------------------
key = Fernet.generate_key()
cipher = Fernet(key)

message = b"Secret Information"
encrypted = cipher.encrypt(message)
decrypted = cipher.decrypt(encrypted)

print("Encrypted:", encrypted)
print("Decrypted:", decrypted)


# -----------------------------
# Integrity (Hashing)
# -----------------------------
data = "Important Data"
hash_value = hashlib.sha256(data.encode()).hexdigest()
print("Hash:", hash_value)


# -----------------------------
# Combined Example
# -----------------------------
data2 = "CIA Triad Example"

hash_value2 = hashlib.sha256(data2.encode()).hexdigest()
encrypted_data = cipher.encrypt(data2.encode())
decrypted_data = cipher.decrypt(encrypted_data).decode()

print("Original:", data2)
print("Hash:", hash_value2)
print("Encrypted:", encrypted_data)
print("Decrypted:", decrypted_data)

# -----------------------------
# Availability (Backup Example)
# -----------------------------
# Shell command: run it in a terminal, not inside this Python script.
# cp important_file.txt backup_file.txt

