Quiz Entry - updated: 2026.07.14
What does the CIA triad stand for, and what extensions exist?
CIA = Confidentiality, Integrity, Availability — the three classic information security goals. Extensions add Accountability, Authenticity, and Non-Repudiation.
The Classic CIA Triad:
| Letter | Property | Meaning |
|---|---|---|
| C | Confidentiality | Only authorized parties can access the information |
| I | Integrity | Data has not been altered without authorization |
| A | Availability | Information is accessible when needed |
Extended properties:
- Accountability (Verbindlichkeit) — actions can be traced to a responsible entity
- Authenticity (Authentizität) — the identity of a subject/object can be verified
- Non-repudiation — a party cannot deny having performed an action
Important nuance:
- The usual CIA triad from IT security is not quite sufficient for cryptography
- In crypto, the focus is primarily on Confidentiality and Data Authenticity/Integrity
- Availability is typically NOT a cryptographic concern (it's more of a systems/network concern)
- Data integrity is a component of data authenticity (authenticity includes: correct sender, time, origin, no replay, non-repudiation)