1. Confidentiality:
Confidentiality is assurance of data privacy. Only the intended and authorized recipients: individuals, processes or devices, may read the data. Disclosure to unauthorized entities, for example using unauthorized network sniffing is a confidentiality violation.
Cryptography is the art and science of storing and transmitting confidential data.
2. Integrity
Integrity is assurance of data non-alteration. Data integrity is having assurance that the information has not been altered in transmission, from origin to reception. Source integrity is the assurance that the sender of that information is who it is supposed to be. Data integrity can be compromised when information has been corrupted or altered, willfully or accidentally, before it is read by its intended recipient. Source integrity is compromised when an agent spoofs its identity and supplies incorrect information to a recipient.
Digital Signatures and hash algorithms are mechanisms used to provide data integrity.
3. Availability
Availability is assurance in the timely and reliable access to data services for authorized users. It ensures that information or resources are available when required. Most often this means that the resources are available at a rate which is fast enough for the wider system to perform its task as intended. It is certainly possible that confidentiality and integrity are protected, but an attacker causes resources to become less available than required, or not available at all. See Denial of Service (DoS).
High availability protocols, fully redundant network architectures and system hardware without any single points of failure ensure system reliability and robustness.
