Clearing Up the Whole CIA Question
This was a conversation overheard recently between a Sergeant First Class and a Private First Class. The Private needed some training support.
“Sarge, I could use some help. When Captain Trainer, the information assurance guy, asked me what CIA was, I thought he was talking about those civilian guys you see all the time in theater looking like Brad Pitt, and wearing khaki vests with designer sun glasses. Look, I’m a crack shot and I can field strip an M1A1 tank and use the parts to fix an Apache’s weapons system. But I don’t get this cyber security stuff, especially information assurance.”
“Well, Private, CIA in IA talk is Confidentiality, Integrity and Availability. For example, confidentiality is using 32-bit encryption when sending data via a transaction processing network.” “Hold on, Sarge. You’re losing me. I’m not one of the computer geeks. I grew up in the back country. Didn’t have much use for video games either.”
“Where’re you from, Collins?” “Oh, you probably never heard of it. It’s near Knockatashy Mountain, just down from Whicksmack, ‘bout a stone’s throw away from Dillie’s Corners.” “Huh, I think I have heard of it. Yeah, I think my cousin’s been there. Grew up on a farm, didn’t you?” “Yes, Sergeant.” “Ever raise a hog for the county fair?” “Yesiree, a Blue Ribbon. A real champ!”
“Let’s call this hog of yours Data.” “But, it was Daisy, Sergeant.” “Work with me, Collins, OK?” “Sorry.” “You wanted to protect Data, right?” “Absolutely! The local hog competition was something fierce.”
"OK, let me guess. You didn’t want anyone to know about this hog until it was ready for show, so you painted it black and white so that if people saw it, they would just think it was a bloated calf with a sinus condition. That’s maintaining Confidentiality. Then when your cousin came over because he had a hankering for some ham, and you thought poorly of him hacking off Data’s leg, you kept him from altering or harming her in any way. That’s protecting Data’s Integrity. Then your mother tried to deny you access to Data by sending the hog to your Aunt Bessie. But I bet you put a stop to that once you got wind of it, right? That was maintaining Availability. Now do you understand?
“Yeah, now I get it, Sarge.” “Well, seeing I’m on a roll here, let’s cover Authentication and Non-Repudiation.” “Non-Republic Nation?” “Quiet, let me finish.” “Sorry, Sarge.”
“When you brought Data to the show, one of the other competitors said that Data wasn’t your hog. But you had 15 cousins, the town sheriff, and the Justice of the Peace swear that it was yours.” “Actually it was 18 cousins, Sarge.” “Huh? OK then, even better. Then to be ornery you asked the hog judges for their credentials. When they pulled out the judging certificates signed by the Mayor himself, everyone agreed that everything was on the up and up. Anyway, that’s Authentication.”
“I got that, but how about non-repugnation?” “You mean Non-Repudiation. That’s when everybody agreed that Data was a hog, not a calf, that it was your hog fair and square, and that you were showing the original hog, the whole hog, and nothing but the hog. You then commenced hog showing, the judges started hog judging and the result was the blue ribbon.”
“Wow, Sarge, that’s amazing. I understand now. But I never knew you were with the CIA.” “What do you mean, Collins? I’m all Army.” “Well then, how did you know about Daisy?”
Confidentiality, Integrity and Availability make up the triad of
The On Cyber Patrol© cartoon and supporting articles are created and made available by the U.S. Army’s Office of Information Assurance and Compliance, NETCOM, CIO/G6. For more information on the OCP program or to submit ideas for upcoming cartoons/articles, contact oncyberpatrol@hqda.army.mil.
