Infosec

The basic principles of information security, often summarized as the CIA triad, encompass three core concepts:

Confidentiality, Integrity, and Availability.

Integrity ensures that data remains accurate, complete, and trustworthy throughout its lifecycle. Integrity measures, such as checksums, digital signatures, and access controls, safeguard data from unauthorized modification, deletion, or corruption.

They help maintain data consistency and reliability, ensuring that it can be trusted for decision-making and analysis.

Confidentiality refers to the protection of sensitive information from unauthorized access or disclosure. In an information security context, maintaining confidentiality means ensuring that only authorized individuals or systems can access certain data or resources. This is typically achieved through encryption, access controls, authentication mechanisms, and other security measures.

Availability ensures that data, systems, and resources are accessible and usable when needed by authorized users.

Availability measures, such as redundancy, backup and recovery systems, and disaster recovery planning, mitigate disruptions caused by hardware failures, software errors, cyberattacks, or natural disasters. They ensure that critical services remain operational and accessible, even in adverse conditions.

Encryption is the basic building block of data security. It is the simplest and most important way to ensure a computer system's information can't be stolen and read by someone who wants to use it for malicious purposes.

Encryption involves converting human-readable data into incomprehensible text, which is known as ciphertext. Encryption involves using a cryptographic key.

Encryption involves using a cryptographic key, a set of mathematical values both the sender and recipient agree on. The recipient uses the key to decrypt the data, turning it back into readable plaintext.

Symmetric Encryption: In symmetric encryption, the same key is used for both encryption and decryption. This means that both the sender and receiver must have access to the same secret key.

Asymmetric Encryption: Asymmetric encryption uses two different keys: a public key and a private key. The keys are essentially large numbers that have been paired with each other but aren't identical

In asymmetric encryption the public key is used for encryption, while the private key is used for decryption. Anything encrypted with the public key can only be decrypted with the corresponding private key, and vice versa.