Trusted answers to developer questions
Trusted Answers to Developer Questions

Related Tags

What are the five pillars of information security?

Saleha Muzammil

Grokking Modern System Design Interview for Engineers & Managers

Ace your System Design Interview and take your career to the next level. Learn to handle the design of applications like Netflix, Quora, Facebook, Uber, and many more in a 45-min interview. Learn the RESHADED framework for architecting web-scale applications by determining requirements, constraints, and assumptions before diving into a step-by-step design process.

 

Overview

Information security is paramount for an enterprise to ensure that vital information is not compromised. The U.S. Department of Defense has promulgated the five pillars of information assurance model. Setting these pillars is central to developing any information security mechanism in our business. We have to manage the following five pillars of the IA framework to build a secure system:

  • Confidentiality 
  • Integrity 
  • Availability 
  • Authenticity 
  • Non-repudiation
The five pillars of information security

Confidentiality

Confidentiality assures that the unauthorized parties do not have access to information. The information which is being transmitted must be encrypted. Only those who are authorized can decrypt and access this information.

The confidentiality principle

Integrity

Integrity assures that the information remains in its original state, meaning the system should safeguard data's accuracy and completeness. Integrity ensures that unauthorized individuals do not tamper with or modify the information. 

File integrity monitoring

Availability

Availability ensures that the authorized parties have easy and timely access to the information system. This pillar ensures the system remains robust and fully functional even during adverse conditions. It involves protection against threats that can block access to the information system. 

An example of a contradiction of the availability principle

Authenticity

Authenticity ensures the validity of a transmission or a message or the verification of a party's authorization to receive specific information. It prevents impersonation and requires confirmation of the identities of the party before giving access to the information system and resources.

The principle of authenticity

Non-repudiation

Non-Repudiation ensures that the sender is provided with proof of delivery and the receiver is provided with proof of sender's identity. This attribute assures the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender's sending the message so that neither can deny sending or receiving data, respectively.

A contradiction of non-repudiation

The five pillars of information security can be applied in various ways, depending on an enterprise's sensitivity and information system. They can be used to conduct safe and secure operations.

RELATED TAGS

CONTRIBUTOR

Saleha Muzammil
Copyright ©2022 Educative, Inc. All rights reserved

Grokking Modern System Design Interview for Engineers & Managers

Ace your System Design Interview and take your career to the next level. Learn to handle the design of applications like Netflix, Quora, Facebook, Uber, and many more in a 45-min interview. Learn the RESHADED framework for architecting web-scale applications by determining requirements, constraints, and assumptions before diving into a step-by-step design process.

Keep Exploring