All language subtitles for 002 The CIA Triad_en

1
00:00:00,180 --> 00:00:05,250
Hello and welcome to the first lecture of the course, we are going to start with the CIA triad, which

2
00:00:05,250 --> 00:00:08,970
stands for confidentiality, integrity and availability.

3
00:00:09,210 --> 00:00:15,750
The CIA triad is used in every single domain of cybersecurity, and you must be perfectly clear about

4
00:00:15,750 --> 00:00:16,980
each of the components.

5
00:00:18,190 --> 00:00:23,890
Let's have a detailed look at the components of the CIA triad so C stands for confidentiality.

6
00:00:24,520 --> 00:00:30,690
Now you need to be sure that your data is confidential when it is stored, when it is being transmitted

7
00:00:30,700 --> 00:00:32,119
and when it is being processed.

8
00:00:32,590 --> 00:00:37,560
So you need to make sure that your data is hidden and it is only visible to authorized users.

9
00:00:37,990 --> 00:00:41,890
The classic way of enforcing confidentiality is through encryption.

10
00:00:42,250 --> 00:00:46,950
Encryption makes your data secure so that it is not visible to unauthorized users.

11
00:00:47,230 --> 00:00:50,720
Some violations of confidentiality include packet sniffing.

12
00:00:50,920 --> 00:00:55,630
So that happens when your data is being transmitted over a network and somebody captures your traffic.

13
00:00:55,960 --> 00:01:00,850
Confidentiality is also violated when somebody is able to successfully break the encryption that you

14
00:01:00,850 --> 00:01:02,220
use to protect your data.

15
00:01:02,770 --> 00:01:08,920
But it can also sometimes happen due to unintentional human error when a user inadvertently exposes

16
00:01:08,920 --> 00:01:09,340
data.

17
00:01:10,320 --> 00:01:16,410
The second component is integrity, which means that your data must be accurate and complete and that

18
00:01:16,410 --> 00:01:22,260
it has not been modified. Typical violations of integrity happen when you transmit your data from one

19
00:01:22,260 --> 00:01:27,980
point to the other and a man in the middle intercepts your traffic and modifies your data.

20
00:01:28,320 --> 00:01:30,840
Integrity is typically enforced through hashes.

21
00:01:31,200 --> 00:01:37,470
Hashes are a kind of summary or a message digest of your original data so that if anything changes in

22
00:01:37,470 --> 00:01:39,530
your data, the hash would also change.

23
00:01:40,140 --> 00:01:44,910
So at the destination, the receiver can simply check the hash to make sure that the data has not been

24
00:01:44,910 --> 00:01:45,480
modified.

25
00:01:46,650 --> 00:01:52,740
Typical violations of integrity include modification of data, especially during transit. The last

26
00:01:52,740 --> 00:01:58,270
component is availability, which means that data is available as and when required.

27
00:01:59,100 --> 00:02:04,710
Violations of availability happen if someone, for example, damages your communication infrastructure

28
00:02:04,890 --> 00:02:09,090
or they damage your Web server so that you're no longer able to service your clients.

29
00:02:09,180 --> 00:02:14,580
However, even if someone successfully slows down your database servers or your Web servers so that

30
00:02:14,580 --> 00:02:19,500
they cannot service the clients in an appropriate amount of time, then this would also be considered

31
00:02:19,500 --> 00:02:21,090
a violation of the availability.

32
00:02:21,840 --> 00:02:24,890
Typically, availability is enforced through redundancy.

33
00:02:25,530 --> 00:02:30,960
What it means is that you install multiple communication links or for example, you install multiple

34
00:02:30,960 --> 00:02:36,000
Web servers so that even if some of the communication links or some of the Web servers, they are targeted,

35
00:02:36,270 --> 00:02:37,560
you still have some backups.

36
00:02:38,770 --> 00:02:45,820
Let's discuss confidentiality in more detail, so as we discussed, confidentiality refers to protecting

37
00:02:45,820 --> 00:02:50,200
or hiding your data so that it is available only to authorized users.

38
00:02:50,920 --> 00:02:54,200
Now, the Internet is a public network which is very insecure.

39
00:02:54,610 --> 00:03:00,070
So if you're sending your data in plain text over the public Internet or even any other public network,

40
00:03:00,460 --> 00:03:05,290
then it means that there's a good chance that people can eavesdrop on your data, which is in plain

41
00:03:05,290 --> 00:03:05,800
text.

42
00:03:06,190 --> 00:03:11,860
And this would constitute as a violation of the confidentiality of the data because now it is available

43
00:03:11,860 --> 00:03:13,540
to people who are not authorized.

44
00:03:14,890 --> 00:03:19,030
The classic way of enforcing confidentiality is by encrypting your data.

45
00:03:19,720 --> 00:03:25,870
So what encryption does is that you give it a secret key and the encryption algorithm takes the data

46
00:03:25,870 --> 00:03:31,580
and uses the key to encode the data into a format which is not understandable by anyone.

47
00:03:31,990 --> 00:03:37,690
So even if somebody gets a hold of a copy of your data, they would not be able to decode this data

48
00:03:37,690 --> 00:03:38,250
easily.

49
00:03:38,830 --> 00:03:43,960
And this provides significant benefits in comparison to sending your data in plain text.

50
00:03:44,440 --> 00:03:46,940
So this is the main idea of confidentiality.

51
00:03:46,960 --> 00:03:49,420
You want to make sure that your data is encrypted.

52
00:03:49,700 --> 00:03:55,330
It is in a format that even if it is compromised, you still have a reasonable certainty that it would

53
00:03:55,330 --> 00:03:56,470
not be easily broken.

54
00:03:57,650 --> 00:04:04,190
Let's discuss integrity in more detail, as discussed previously, integrity means that your data is

55
00:04:04,190 --> 00:04:09,860
accurate, complete and unmodified, especially when it is being transmitted over networks.

56
00:04:10,610 --> 00:04:15,950
A classic violation of integrity happens when you're sending your data from point A to B. But a man

57
00:04:15,950 --> 00:04:21,209
in the middle intercepts it, changes it, and then sends the modified copy to the destination.

58
00:04:21,829 --> 00:04:25,910
Now, the problem is that the source and the destination don't have perfect visibility.

59
00:04:26,480 --> 00:04:32,270
And it is very easy for man in the middle to leverage this lack of visibility in order to replay packets

60
00:04:32,270 --> 00:04:33,430
after modification.

61
00:04:33,950 --> 00:04:39,230
Now, in this case, the integrity of your data has been violated because the file that you have received

62
00:04:39,230 --> 00:04:41,840
is not exactly the same that was sent by the source.

63
00:04:42,800 --> 00:04:50,090
Traditionally, integrity is enforced by using hashes, so a hash is kind of a summary or a message

64
00:04:50,090 --> 00:04:56,240
digest of your main file, which means that you calculate sort of a summary of your main file or main

65
00:04:56,240 --> 00:04:59,460
data and then you encrypt it using a secret key.

66
00:05:00,200 --> 00:05:03,110
Now you send the file along with the hash to the destination.

67
00:05:03,620 --> 00:05:09,530
And even if a man in the middle changes your file, when your file reaches the destination along with

68
00:05:09,530 --> 00:05:14,890
the hash, the destination is going to independently calculate the hash of this file.

69
00:05:15,380 --> 00:05:21,020
So the destination is going to do its own calculations and then he's going to compare the two hashes.

70
00:05:21,770 --> 00:05:27,620
If there has been any modification in the file compared to the original file, the two hashes won't

71
00:05:27,620 --> 00:05:28,040
match.

72
00:05:28,280 --> 00:05:33,740
And this is how the destination would be able to detect that there has been a compromise of the integrity

73
00:05:33,740 --> 00:05:34,310
of the file.

74
00:05:35,170 --> 00:05:41,560
Let's discuss availability in more detail, as discussed previously, availability basically means that

75
00:05:41,560 --> 00:05:44,560
your data must be available as and when required.

76
00:05:45,160 --> 00:05:51,520
Malicious attackers can damage the availability of your infrastructure data or your applications in

77
00:05:51,520 --> 00:05:52,450
a number of ways.

78
00:05:52,990 --> 00:05:58,780
They may attack communication links between clients and your servers, making it difficult or impossible

79
00:05:58,780 --> 00:06:03,290
to reach your servers or they may directly attack your web or application servers.

80
00:06:03,790 --> 00:06:08,980
Now, please note that the attack can be partial so the attacker doesn't need to completely break off

81
00:06:08,980 --> 00:06:14,620
the communication link so the attacker can simply choke communication links enough so that the traffic

82
00:06:14,620 --> 00:06:20,260
is very slow or they send so much traffic to your servers that they are very slow at responding to

83
00:06:20,260 --> 00:06:21,290
legitimate clients.

84
00:06:22,030 --> 00:06:25,900
The classic way of enforcing availability is by using redundancy.

85
00:06:26,380 --> 00:06:31,660
So, for example, if you have multiple Web and database servers, even if some of your servers go down

86
00:06:32,020 --> 00:06:38,080
or the attacker sends excessive traffic to them, we can simply load balance and ensure availability.

87
00:06:38,410 --> 00:06:44,230
Similarly, we can also employ multiple communication links and so on. So that concludes our lecture

88
00:06:44,230 --> 00:06:44,950
on CIA.

89
00:06:45,220 --> 00:06:50,710
Please remember that the CIA triad is of paramount importance in cybersecurity and we will be using these

90
00:06:50,710 --> 00:06:52,010
terms throughout the course.

91
00:06:52,870 --> 00:06:54,250
I'll see you in the next lecture.
