Introduction
The AIC triad is one of the many approaches to secure networks in today's complex computing environments. What makes the AIC triad different from any other theory is that when it is used properly it forms the cornerstone of every aspect of computing and network security. Most IT security practices are focused on protecting systems from loss of confidentiality, loss of integrity, and loss of availability; these three together are referred to as the security triad, the CIA triad, and the AIC triad. Regardless of the order in which the letters are organized in the acronym, they refer to the same principles. Confidentiality, Integrity and Availability are the cornerstones to which a network is comprised. Each with its own independent yet very important role in networking. Confidentiality refers to access control and ensures that it is restricted to the individuals who have been previously authorized to access a network or one of its resources. Integrity addresses the validity of data and any networked object. It ensures that the unauthorized changes to the data or object is noticed so that appropriate actions can be taken. Availability’s meaning is essentially as simple as the word itself. It refers to the principle that addresses the need for an authorized user to have access to a resource as quickly as possible based off the networks functioning abilities.
Availability
In an information technology (IT) environment availability is one of the most important aspects. Each type of networked environment requires a different level of availability. A great example would be www.amazon.com or any online university. These types of organizations require a different level of availability because every minute of downtime affects their ability to provide the very feature that their type of business is comprised of. In a networked environment where a regular user logs on to conduct business in a corporate environment, availability plays an important role. If a user is unable to log on to a network, they are unable to perform their job. This type of loss could potentially cost an organization a tremendous amount of money because of their loss of man-hours and production. This is why the role of Availability it critical in the AIC/CIA triad. Network resources must be available whenever an authorized user attempts to access them. Access control plays a large part in availability because security can also impact availability. As a network administrator it is important to address this issue. Resources should never be unavailable to authorized users because of security protocols or inappropriately configured access controls. It is also important to carefully consider the method and complexity of access. This is important because the more complex the access method, the more likely users will have multiple issues accessing it.
Integrity
Integrity plays a vital role in the security of a network. What integrity means in a networked environment is that data has not changed from the state that it was last known to be. One of the more popular methods used to verify the integrity of data is called hashing. According to Gibson, (2011) “a hash is a number and a hashing algorithm can calculate a hash for a file or string of data; As long as the data has not changed (and the same hashing algorithm is used), the hash will always be the same.” (P.1) Hashing is a widely used technique that utilizes an algorithm to verify data integrity. There are numerous algorithms that perform this function. Some of the more common algorithms include: Message Digest Algorithm (MD5) series, Secure Hash Algorithm (SHA) series, HAVAL, RIPEMD, Tiger, MAC and HMAC. The MD series of algorithms are cryptographic algorithms that were developed by Ron Rivest several years ago. (Haines, 2012) Over the years there have several versions that have developed. MD2, MD4 and MD5 are the three versions that are included in the MD series of cryptographic algorithms. Secure Hash Algorithms are very secure algorithms that are very much like the MD5 series. In many ways they are more secure than the MD5 series because they produce larger cryptographic hashes. Where MD5 algorithms output a fixed 128 bit message digest, SHA are capable of outputting 160 bit message digest. The more bits that the algorithm is capable of outputting, the more secure the algorithm is. This means that it is much harder to change data without it being detected. Data integrity is not only important in enterprise networking but also in everyday home use as well. Hashing is great for protection against man in the middle attacks. A man in the middle attack occurs when data is intercepted by an unintended individual or device and altered prior to reaching its originally intended destination. Everyday computer and Internet users can really take advantage of this technology when downloading software or data from the web. Many online locations now provide the hash value along with the data or program that you are intending to download. This is provided to you so that after you have downloaded the file, you can then check its integrity using a hash algorithm. Once you have done this you compare the value you have against the one provided by the source. The values should be the same. Integrity is very important when it comes to security and it is one of the many aspects that must be included in any security plan.
Confidentiality
Confidentiality is the core reason behind all IT security. The word confidentiality is somewhat synonymous with security and its meaning. In a home environment a user is responsible for keeping their personal data and information private and confidential from the rest of the world. This becomes more difficult when end users utilize the Internet. This opens them up for a multitude of attacks and leaves their systems and data extremely vulnerable. In a networked environment it is the job of the IT department and IT security professionals to keep the resources and data safe and secure from unauthorized use. There are several tools that can be used in both personal and enterprise network environments to keep information secure and confidential. Encryption, firewalls, policies, Honeypots, Intrusion Preventions Systems and Intrusion Detection Systems are some of the many tools that that are commonly used to protect information. Encryption is a very useful tool to help keep data and information confidential from unwanted viewers. Encryption uses a coding process that requires keys to decode the information once it has been encoded. The two most common types of encryption are public key encryption and symmetric key encryption. Live data and data at rest both use encryption to help facilitate this process. Live data is data that is being transmitted via some form of transmission medium. One common method of securing live data that is sensitive is called tunneling. During tunneling the data is encapsulated and uses encapsulated security protocol (ESP) to encrypt the payload of the packets sent. Once encrypted it is decrypted at the distant end. This is a very popular form of securing live data. Data at rest also uses encryption. One of the types of encryption used in this scenario is drive level encryption. Some of the more common and popular programs that offer this type of encryption is “Data Armor” and “Bit Locker”. These programs are able to protect entire hard drives from unauthorized individuals. Firewalls are used to keep networks confidential from the rest of the world. They often come in the form of a router and control the traffic in to, out of and within a network. This not only protects data from individuals outside of a network but can also segment network traffic which keeps related traffic together. This helps to eliminate spillage which can cause data to be viewed by unauthorized individuals.

Conclusion The CIA triad addresses three very important aspects of IT security. They provided a baseline structure for IT professionals to use as a guide to ensure that the basic security needs are addressed. Each of these areas are critical and must be carefully configured to balance security and functionality of the network. IT professionals should be reminded that too much security is as bad as or worse than too little. Regardless of the order in which the letters are organized in the acronym, they refer to the same principles; confidentiality, Integrity and Availability are the cornerstones to which a network is comprised. Overall, the theories of confidentiality, integrity and availability are very useful tools that can help set the base for a very secure network environment.

References

Charles, K. (2012) Security Orb: Confidentiality Integrity Availability (CIA) Triad. Retrieved from http://www.securityorb.com/2012/06/confidentiality-integrity-availability-cia-triad/
Gibson, D. (2011) Pearson IT Certification: Understanding the Security Triad. Retrieved from http://www.pearsonitcertification.com/articles/article.aspx?p=1708668
Haines, B. (2012) John Wiley & Sons, Inc., CompTIA Advanced Security Practitioner
INFOSEC. (2010). ISS SCHOOL: The AIC Triad (CIA TRIAD) Retrieved from http://www.infosecschool.com/aic-triad_cia-triad/
Stewart, J. (2011) Wiley Publishing, Inc. Certified Information Systems Security Professional: Fifth Edition. Chapter 1