Question

• Review the three attributes you learned in Cybersecurity: Confidentiality, Integrity and Availability. Learn Information Assurance and understand why two more attributes, Authentication and Nonrepudiation, should be involved in the Security Services dimension, and what the Time dimension for information security and assurance discusses.
• Write a short paper to discuss and describe your understanding.

Answer 1

Ans: - Cybersecurity protects the computer system and other devices from different cyber-attacks. On internet the cyber-attacks are being increased day by day. So, the security of the online inter-connected system is the major concern. There are three main attributes that are related to the cybersecurity that Integrity, confidential and Availability.

Integrity: - Integrity in terms of security means that the data should remain accurate, consistent and uninterrupted. The system should be made as secure as no unauthorized user cannot make any alterations in the data. Getting unauthorized access by any attacker can leak whole data and records. So, the integrity focus on keeping data secure from unauthorized users.

Confidentiality: - Confidentiality refers to privacy of the data. The data in any organization or industry should kept confidential and should be only accessible to the authorized users to prevent data from unauthorized access. Data should be accessible for the different workers in the organisation according to their requirement. For example, the database administrator has access to all the data of the database and he can make alterations in data. But other employees can see only that part of data which is required to them.

Availability: - The availability is also an important factor of security. Availability means that the information must be available for the authorized user. System must be made available to the user and it should function properly. Login credentials are used to make the availability of the system possible. So that only authorized users can access the system resources.

But achieving these three factors of information security does not ensure the complete security. There are several more dimensions of the security that need to be implemented. The employees of the organization should be trustworthy because they know about the infrastructure and working environment of the organization. But they can be threat to the organization because these employees can leak the confidential information to other parties which can cause a negative impact on the growth of any organization. So, the employees and other members of the company should follow the security policies of the company.

The information assurance is the model for protecting the computer system and information technology. It includes five factors which are confidentiality, availability, integrity, authentication and non-repudiation. By ensuring all these factors in the security mechanism it protects the information.

It includes authentication and non-repudiation which are required to make data secure and accurate.

Authentication: - Authentication is the method to identify and verify the users. Authentication includes the password, login credentials, biometric and other techniques for the validation of the users. This is essential in any organization protect the information.

Non-repudiation: - It is the important factor in the information assurance model. If any user has accessed the system and perform some actions on it then he can deny or disagree that he hasn’t done it. It means there is record of the communication or meeting that held between any party and organization so that party cannot deny that conversation.

So, the above two factors are also important and that why they are involved in the Security Services dimensions. As identifying and validation the users is important and any user who has accessed the system resources, he can’t deny from it because his log session has been recorded by the system.

The time dimension is the main module of information security and assurance as it defines the rules and parameters by which the information is made available to user in online node or offline mode. It defines the time constraint which at what time the information will be accessible to the users of the system.

The people dimension means to identify the people who are legitimate users and who are threat to the information. Users should follow all the policies and rules to create a well-established environment in an organization.,