December 8, 2022

[Security Triangle CIA ] The Security, Functionality, and Usability Triangle And also known as CIA Triangle confidentiality, integrity, and availability are Explained in Brief. These are the three factors of the triangle which are known as the security triangle. In the Domain of Cyber Security { Security Triangle CIA } Plays a very important role from being a victim of Cyber Attack So, Here You will Get Full Idea of Security Triangle CIA .

The Security, Functionality, and Usability Triangle

Technology is evolving at an unprecedented rate. As a result, new products that are reaching the market focus more on ease-of-use than on secure computing.

Though technology was originally developed for “honest” research and academic purposes, it has not evolved at the same pace as users’ proficiency.

Moreover, in this evolution, system designers often overlook vulnerabilities during the intended deployment of the system. However, adding more built-in default security mechanisms allows users more competence.

Also Read: 1.Information Security Overview

It is becoming difficult for system administrators and system security professionals to allocate resources, exclusively for securing systems, with the augmented use of computers for an increasing number of routine activities.

This includes the time needed to check log files, detect vulnerabilities, and apply security update patches.

As routine activities consume system administrators’ time, leaving less time for vigilant administration, there is little time to deploy measures and secure computing resources on a regular and innovative basis.

This fact has increased the demand for dedicated security professionals to constantly monitor and defend ICT (Information and Communication Technology) resources.

Originally, to “hack” meant to possess extraordinary computer skills to explore hidden features of computer systems. In the context of Information security, hacking is defined as the exploitation of vulnerabilities of computer systems and networks and requires great proficiency.

However, today there are automated tools and codes available on the Internet that make it possible for anyone, who possesses the will, to succeed at hacking. However, mere compromise of system security does not denote hacking success.

Also, Read 3. Security Threats and Attack Vectors

There are websites that insist on “taking back the Internet” as well as people who believe that they are doing everyone a favor by posting details of their exploits. In reality, doing so serves to hamper the skill level required to become a successful attacker.

The ease with which system vulnerabilities can be exploited has increased while the knowledge curve required to perform such exploits has decreased. The concept of the elite “super attacker” is an illusion.

However, the fast-evolving genre of “script kiddies” is largely comprised of lesser-skilled individuals having second-hand knowledge of performing exploits. One of the main impediments contributing to the growth of security Infrastructure Iles in the unwillingness of exploited or compromised victims to report such incidents for fear of losing the goodwill and faith of their employees, customers, or partners, and/or of losing market share.

The trend of information assets influencing the market has seen more companies thinking twice before reporting incidents to law enforcement officials for fear of “bad press” and negative publicity.

The increasingly networked environment, with companies often using their websites as single points of contact across geographical boundaries, makes it critical for administrators to take countermeasures to prevent exploits that can result in data loss. This is why corporations need to invest in security measures to protect their information assets.

Level of security In any system can be defined by the strength of three components:

  • Functionality: The set of features provided by the system.
  • Usability: The GUI components used to design the system for ease of use.
  • Security: Restrictions Imposed on accessing the components of the system.

Also Read: What Is Honeypot? Trap For Hackers !!

The relationship between these three components Is demonstrated by using a triangle because an increase or decrease in any one of the component automatically affects the other two components. Moving the ball towards any of the three components means decreasing the intensity of the other two components.

The diagram in the slide represents the relationship between functionality, usability, and security. For example, as shown in the slide above, if the ball moves towards Security it means increased security and decreased Functionality and Usability.

If the ball is in the center of the triangle, then all the three components are balanced. If the ball moves towards usability it means an increased Usability and decreased Functionality as well as Security. For any implementation of security controls, all three components have to be considered carefully and balanced to get acceptable functionality and usability with acceptable security.

That’s it for today the next topic is in the next blog

-Ajinkya Kadam

5 thoughts on “2. The Security Triangle (Security Model)

  1. Wow! This can be one particular of the most helpful blogs We have ever arrive across on this subject. Actually Great. I am also a specialist in this topic so I can understand your hard work.

  2. I am really impressed with your writing skills and also with the layout on your blog. Is this a paid theme or did you customize it yourself? Anyway keep up the nice quality writing, it’s rare to see a nice blog like this one today..

Leave a Reply

Your email address will not be published. Required fields are marked *