A fundamental model in information security that defines the core objectives required to protect information systems.
Core objectives
Confidentiality
Ensures unauthorized parties cannot access information.
Integrity
Protects information from being modified or deleted.
Availability
Ensures information is accessible for authorized parties.
When all the objectives are met, the system is said to be secure.
Additional objectives
Included in certain cases.
Authentication
Proving that the identity of a person or device they are claiming to be. Can be thought of as integrity of identity. Covered more in its own page.
Nonrepudiation
Assurance that actions or messages cannot be denied.