When we talk about security, we use the term asset to refer to a thing that we want to protect. For example, an encryption key is often classed as an asset. Let’s consider the properties of an asset that we might want to protect.
When we consider security, we should ask ourselves some questions:
- What thing do I want to protect?
- What is it about that thing that I want to protect?
- Who or what am I protecting that thing from?
- What is the value of the thing that is being protected?
Confidentiality refers to who can see, access, or use an asset. We want to control access to the asset and ensure that unauthorized access is prevented. The most common mechanisms to achieve confidentiality are cryptography and access control.
The contents of your smartphone provide an example of confidentiality protection. Many smartphones have an encrypted file system to protect the data on your phone if you lose it. The cryptographic key that is used to decrypt the file system is only available after a user has authenticated themselves. In this example, cryptography is used to protect the confidentiality of the data in the file system. Access control is used to protect the confidentiality of the key that is needed to read the file system.
Integrity refers to protecting the accuracy and completeness of an asset. Integrity protection either prevents unauthorized modification of the asset or detects that a modification has occurred.
For example, consider a device that includes the public key of an update server. This public key is not a secret, so we might not care about ensuring its confidentiality. However, we do need to ensure that the key is not replaced or tampered with. Replacing the key would allow an attacker to make a malicious update that appeared to be a genuine update. Corrupting the key might prevent the system from installing genuine updates. This corruption would leave the system open to known attacks.
Authenticity refers to verification that an asset is what it claims to be.
Let's return to the example of a device that includes the public key of an update server. When a device downloads a software update from an update server, we need to ensure that the update is authentic. The software provider signs the update with its private key, and the device can verify the signature using its copy of the public key. By ensuring the integrity of the stored public key, the device can check the authenticity of the software update. If an attacker tries to substitute the update, we can detect this and prevent installation.
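The following added example (not part of the original text) runs the update-server scenario end to end: a genuine update, a substituted update, a replaced stored key, and a corrupted stored key. It assumes a Lamport one-time signature built on SHA-256 so that it needs only the Python standard library; real update systems typically use RSA, ECDSA or Ed25519, and all names and sample values here are constructed for illustration.

```python
import hashlib
import secrets

# Lamport one-time signatures are an assumption of this example, chosen only
# because they need nothing beyond hashlib. The text does not name a scheme.
def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _bits(message: bytes):
    digest = _h(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def keygen():
    """Return (private_key, public_key); each is 256 pairs of 32-byte values."""
    private = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    public = [(_h(a), _h(b)) for a, b in private]
    return private, public

def sign(private, message: bytes):
    """Reveal one secret per digest bit. A key pair must sign only one message."""
    return [private[i][bit] for i, bit in enumerate(_bits(message))]

def verify(public, message: bytes, signature) -> bool:
    if len(signature) != 256:
        return False
    ok = True
    for i, bit in enumerate(_bits(message)):  # check every position, no early exit
        ok &= secrets.compare_digest(_h(signature[i]), public[i][bit])
    return ok

def demo():
    """Run the four cases from the text; all values are constructed samples."""
    vendor_priv, vendor_pub = keygen()
    other_priv, other_pub = keygen()  # key pair not controlled by the vendor
    genuine = b"genuine firmware (constructed sample)"
    tampered = b"tampered firmware (constructed sample)"
    genuine_sig = sign(vendor_priv, genuine)
    tampered_sig = sign(other_priv, tampered)
    corrupted_pub = [(b"\x00" * 32, b"\x00" * 32)] + vendor_pub[1:]
    return {
        "genuine_update_accepted": verify(vendor_pub, genuine, genuine_sig),
        "substituted_update_rejected": not verify(vendor_pub, tampered, genuine_sig),
        "replaced_key_accepts_tampered": verify(other_pub, tampered, tampered_sig),
        "corrupted_key_blocks_genuine": not verify(corrupted_pub, genuine, genuine_sig),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

All four cases evaluate to true: the signature check is only as trustworthy as the integrity of the public key the device stores.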
Availability means that authorized users can access and use the asset in the ways that it is intended to be used.
A denial-of-service attack is a common method of denying availability. Typically, a denial-of-service attack involves flooding a system with false requests or data. For example, a denial-of-service attack might send large numbers of requests to a website, hoping to make the website so busy that it cannot service its genuine users.
Availability is about ensuring that, even if attacked, the user can still access and use an asset.