Confidentiality
Guarding against improper information modification or destruction, and includes ensuring information nonrepudiation, accuracy, and authenticity.
Safeguards: Access control & protection, encryption, monitoring and training etc.
Integrity
Preserving authorized restrictions on access and disclosure, including a means for protecting personal privacy and proprietary information.
Safeguards: Encryption, signature, process control suchs as code testing, monitoring control sucn as message and data integrity and log analysis. Behavioral controls such a separation fo duties, rotation of duties and training etc.
Availability
Ensuring timely and reliable access to, and use of, information (failure to operate due to failure, loss, error, prevention or overload).
Safeguards: access controls, monitoring, data and computational redundancy, resilient systems, virtualization, server clustering, environmental controls, continuity of operations planning, and incident response preparedness etc.
Privacy
- Traceability - Ability to trace the object (information) from origin to destination
- Linkability - Abilltiy to link to objects (information) going either from/to the same origin/destination.
- Identifyability - Ability to identify the origin of an object (information),.