Believe it or not, the field of Information Security has changed! Foundational concepts, such as the traditional C-I-A triad (Confidentiality, Integrity, and Availability), are being challenged and supplanted by a more inclusive model known as the Parkerian Hexad [1]. The Parkerian Hexad augments the traditional C-I-A triad by adding three elements. The result is a set of security principles composed of six elements.
The six principles of the Parkerian Hexad are:
- Confidentiality
- Integrity
- Availability
- Possession
- Authenticity
- Utility
The principles composing the Parkerian Hexad are non-overlapping, meaning that each principle is absolutely necessary to ensure that security is maintained. In addition, each principle may be violated independently of every other principle. However, the principles can be relationally linked to each of the three components of the traditional C-I-A model (see Figure 2) [2].
Below are definitions [3] for each principle along with a brief scenario of how that element may be breached independently of the other elements.
- Confidentiality: Limited observation and disclosure of knowledge. An example of an incident where confidentiality is compromised would be the early unauthorized release (leak) of information related to our latest marketing strategies, thereby allowing our competitors to prepare counter-strategies.
- Integrity: Completeness, wholeness, and readability of information and quality of being unchanged from a previous state. A simple example of a loss of integrity would be an employee modifying the body text of an email so as to create a false record of events (i.e. to show that Jane Doe said something that she did not really say).
- Availability: Usability of information for a purpose. The explicit aim of a Denial-of-Service (DoS) attack is to compromise the availability of systems/data.
- Possession: Holding, controlling, and having the ability to use information. Possession is the ability to truly own and control information and how it is used. We normally think of a loss of possession as unauthorized or unintentional copying of information. If, for example, an employee emails company information to a non-corporate email account, we no longer have sole possession. In extreme cases, a loss of possession could result in total loss of the information (e.g. loss/theft of backup tapes for which there is no other copy of the data). Notable examples of a loss of possession usually include the loss of laptop computers or PDAs containing customer or employee data (e.g. SSNs, credit card numbers, personal health information, etc.).
- Authenticity: Validity, conformance, and genuineness of information. The quality of authenticity is readily understood. As the above definition suggests, it is the quality of being “the real deal.” When something does not possess authenticity, it is said to be fraudulent. Examples of a lack of authenticity include the reproduction of employee ID badges, calling into a help desk and posing as another individual, and modifying records.
- Utility: Usefulness of information for a purpose. Utility simply means that we can use the data, system, or device in the manner for which it exists. For example, if a database, table, or other information is somehow altered in such a way as to remain accurate but unusable for its intended purpose, it has lost utility. Examples involve the use of encryption to “kidnap” data for ransom. This is accomplished by encrypting the data without the owner’s consent. In this and similar cases, the victim maintains ownership of the data, and the data, technically, has integrity; what has been lost is the ability to use it.
There is one exception to the general statement that these principles do not overlap: a breach of confidentiality will always result in a loss of sole possession. Once confidentiality is compromised, the organization is no longer fully in possession of the data because it is known by another party.
Understanding and communicating this new model for Information Security will likely result in greater depth and clarity in security-related conversations.
______________________________
1. The “Parkerian Hexad” model was introduced by Donn B. Parker in his book Fighting Computer Crime (http://www.amazon.com/gp/product/0471163783/104-3218063-3795135).
2. Donn B. Parker suggests this mapping in his chapter, “Toward a New Framework for Information Security,” from The Computer Security Handbook, 4th Edition, John Wiley & Sons, 2002 (p. 5.8).
3. The definition statements for each element in the “Parkerian Hexad” are taken from The Computer Security Handbook, 4th Edition, John Wiley & Sons, 2002 (pp. 5.9–5.10).
Note: this post is an excerpt from one of the author’s essays for Norwich University’s MSIA program.
I may have to pick up that book at the bookstore and flip through to this section, as I’m not sure I buy in, yet.
Seems to me that Integrity covers Authenticity and some of Utility just fine. Availability covers the rest of Utility. And Confidentiality covers Possession…
LonerVamp
April 12th, 2007
This adds value to the discussion, except that part of the diagram is cut off on the right hand side. What are the descriptors for integrity and authenticity please?
Rob Lewis
April 12th, 2007
Thanks. That was a great explanation. I agree with you, but there must be a balance in relation to the importance of the assets that are being protected. Non-repudiation is the inability to deny the integrity and authenticity of a document. On one end of the balance, encryption and data signatures are needed for important transactions. On the other end of the balance, IRC chat logs might possibly be considered anonymous.
During my studies, my case study organization is a public Web site that believes in sharing information. Information is their main asset and it was a challenge communicating to them that classifying their assets is an extremely important step in achieving a balance in Information Assurance. The result was that they do have processes and information that is not public. They have to protect that information.
Faith Young
May 10th, 2007