Security + CIA and AAA

Just to keep myself accountable as far as my studying goes, I figured I’d make some posts of whatever topics I’m learning. My Security+ journey started out in familiar territory. The first topic really discussed in the book is the CIA security triad. CIA is an acronym (of which there will be many to learn) that stands for Confidentiality, Integrity, and Availability. Together these three concepts make up the foundation of information security.

Confidentiality is the idea that only the users who need to see the data can see it. The main ways of enforcing confidentiality are encryption and access controls. The second concept, integrity, is ensuring that the data has not been tampered with; one of the ways it’s enforced is through hashing, which is a kind of digital fingerprinting. Finally, availability is making sure that whatever data needs accessing is accessible. Fault tolerance and redundancy are ways to make data more available: you want to avoid having single points of failure. Interestingly enough, I run Proxmox as my hypervisor on two servers, but if I can get three Proxmox cluster nodes, then I can have high availability for my VMs.

AAA stands for authentication, authorization, and accounting. Authentication is proving someone’s identity: making sure that someone is who they say they are. Being authenticated doesn’t mean someone is authorized to access whatever resources they want. Authorization is allowing users access to resources based on their authenticated identity. Finally, there’s accounting, which is keeping track of who accesses what. This is done mainly through logs. For instance, on a Linux machine, login attempts are recorded in /var/log/auth.log, which tells us who was trying to authenticate to the server.
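To make the accounting step concrete, here is an added example (not from the book or the original post) that reads sshd records in the auth.log format and answers "who tried to authenticate, from where, and did it work". The log lines are constructed samples, the function names are my own, and the pattern only covers sshd's "Failed"/"Accepted" records.

```python
import re
from collections import Counter

# Constructed sample lines in OpenSSH's auth.log format (not real data).
SAMPLE_LOG = """\
Mar  4 09:12:01 web01 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Mar  4 09:12:05 web01 sshd[1201]: Failed password for root from 203.0.113.7 port 50124 ssh2
Mar  4 09:13:40 web01 sshd[1310]: Accepted publickey for alice from 198.51.100.20 port 40022 ssh2
Mar  4 09:15:02 web01 sshd[1422]: Failed password for alice from 198.51.100.20 port 40100 ssh2
Mar  4 09:15:10 web01 sshd[1422]: Accepted password for alice from 198.51.100.20 port 40100 ssh2
Mar  4 09:16:00 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt update
"""

# sshd records look like "Failed password for [invalid user ]NAME from IP port N".
AUTH_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?P<invalid>invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def parse_auth_events(text):
    """Return one dict per sshd authentication attempt, in log order."""
    events = []
    for line in text.splitlines():
        m = AUTH_RE.search(line)
        if m:  # non-sshd lines (e.g. sudo) are skipped
            events.append({"result": m["result"], "method": m["method"],
                           "user": m["user"], "ip": m["ip"],
                           "known_user": m["invalid"] is None})
    return events

def failures_by_ip(events):
    """Count failed attempts per source address."""
    return Counter(e["ip"] for e in events if e["result"] == "Failed")

def success_after_failure(events):
    """List (user, ip) pairs that logged in after failing at least once."""
    failed, flagged = set(), []
    for e in events:
        key = (e["user"], e["ip"])
        if e["result"] == "Failed":
            failed.add(key)
        elif key in failed and key not in flagged:
            flagged.append(key)
    return flagged

if __name__ == "__main__":
    events = parse_auth_events(SAMPLE_LOG)
    print(failures_by_ip(events).most_common())
    print(success_after_failure(events))
```

A success that follows failures from the same address is not proof of compromise (people mistype passwords), but it is the kind of record accounting exists to surface for review.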
