Wednesday, June 1, 2022

Hardware Security Module (HSM)

  •  A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.


A hardware security module can be employed in any application that uses digital keys.


The functions of an HSM are:


onboard secure cryptographic key generation

onboard secure cryptographic key storage, at least for the top level and most sensitive keys, which are often called master keys

key management

use of cryptographic and sensitive data material, for example, performing encryption or digital signature functions

offloading application servers for complete asymmetric and symmetric cryptography.


HSMs are also deployed to manage transparent data encryption keys for databases and keys for storage devices such as disk or tape.


HSMs provide both logical and physical protection of these materials, including cryptographic keys, from disclosure, non-authorized use, and potential adversaries.


HSMs support both symmetric and asymmetric (public-key) cryptography.

For some applications, such as certificate authorities and digital signing, the cryptographic material is asymmetric key pairs (and certificates) used in public-key cryptography.

With other applications, such as data encryption or financial payment systems, the cryptographic material consists mainly of symmetric keys.


Some HSM systems are also hardware cryptographic accelerators. They usually cannot beat the performance of hardware-only solutions for symmetric key operations.


PKI environment (CA HSMs)


In PKI environments, the HSMs may be used by certification authorities (CAs) and registration authorities (RAs) to generate, store, and handle asymmetric key pairs. In these cases, there are some fundamental features a device must have, namely:


Logical and physical high-level protection

Multi-part user authorization schema (see Blakley-Shamir secret sharing)

Full audit and log traces

Secure key backup


Card payment system HSMs (bank HSMs)


Specialized HSMs are used in the payment card industry. HSMs support both general-purpose functions and specialized functions required to process transactions and comply with industry standards.


Typical applications are transaction authorization and payment card personalization.


SSL connection establishment


Performance-critical applications that have to use HTTPS (SSL/TLS) can benefit from the use of an SSL acceleration HSM by moving the RSA operations, which typically require several large-integer multiplications, from the host CPU to the HSM device.


DNSSEC


An increasing number of registries use HSMs to store the key material that is used to sign large zonefiles. OpenDNSSEC is an open-source tool that manages signing DNS zone files.


Cryptocurrency wallet


Cryptocurrency can be stored in a cryptocurrency wallet on an HSM.


https://en.wikipedia.org/wiki/Hardware_security_module

Friendly Intro to Hardware Security Modules (HSMs)

key (decryption key)
ciphertext (encrypted data)
flow 1
service stores the key
service decrypts the ciphertext with the key
if the service is compromised, the key is compromised as well
no audit trail
flow 2
HSM stores the key
service does not store the key
service makes a call to the HSM
service sends the ciphertext to the HSM
HSM decrypts the ciphertext with the key and returns the result
HSM - low attack surface, tamper-proofed hardware, built-in audit trail
HSM - like a security camera watching the safe
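The two flows above, as an added example that is not from the video or any vendor's API: a simulated HSM written against Python's standard library, with a hypothetical `SimulatedHSM` class and `flow2_round_trip` function. Because the standard library has no AES, HMAC-SHA256 in counter mode stands in for the cipher; the point is the key boundary, the opaque handle the service holds instead of the key, and the audit trail that also records a rejected (tampered) ciphertext.

```python
import hashlib
import hmac
import os
import secrets

class SimulatedHSM:
    """Keys live only inside this object; callers receive opaque handles."""
    def __init__(self):
        self._keys = {}        # handle -> (enc_key, mac_key); never returned to callers
        self.audit_log = []    # (operation, handle, caller): the built-in audit trail

    def generate_key(self, caller):
        # Onboard key generation; separate keys for encryption and integrity.
        root = secrets.token_bytes(32)
        enc_key = hmac.new(root, b"enc", hashlib.sha256).digest()
        mac_key = hmac.new(root, b"mac", hashlib.sha256).digest()
        handle = "key-" + secrets.token_hex(4)
        self._keys[handle] = (enc_key, mac_key)
        self.audit_log.append(("generate", handle, caller))
        return handle

    @staticmethod
    def _keystream(enc_key, nonce, length):
        # HMAC-SHA256 in counter mode: a PRF-based stream cipher standing in for AES.
        blocks = (hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range((length + 31) // 32))
        return b"".join(blocks)[:length]

    def encrypt(self, handle, plaintext, caller):
        enc_key, mac_key = self._keys[handle]
        nonce = os.urandom(12)
        ks = self._keystream(enc_key, nonce, len(plaintext))
        ct = bytes(p ^ k for p, k in zip(plaintext, ks))
        tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()  # encrypt-then-MAC
        self.audit_log.append(("encrypt", handle, caller))
        return nonce + ct + tag

    def decrypt(self, handle, blob, caller):
        # Returns None (and logs a rejection) when the integrity tag does not verify.
        enc_key, mac_key = self._keys[handle]
        nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
        if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
            self.audit_log.append(("decrypt-rejected", handle, caller))
            return None
        self.audit_log.append(("decrypt", handle, caller))
        return bytes(c ^ k for c, k in zip(ct, self._keystream(enc_key, nonce, len(ct))))

def flow2_round_trip(secret):
    """Flow 2: the service stores only a handle and sends ciphertext to the HSM.
    A tampered copy is submitted too, so the rejection lands in the audit trail."""
    hsm = SimulatedHSM()
    handle = hsm.generate_key("billing-service")   # the only thing the service keeps
    blob = hsm.encrypt(handle, secret, "billing-service")
    recovered = hsm.decrypt(handle, blob, "billing-service")
    tampered = blob[:12] + bytes([blob[12] ^ 0x01]) + blob[13:]  # flip one ciphertext bit
    tamper_rejected = hsm.decrypt(handle, tampered, "billing-service") is None
    return {"recovered": recovered, "tamper_rejected": tamper_rejected,
            "ops": [op for op, _, _ in hsm.audit_log]}
```

The `audit_log` is what flow 1 lacks: every key use, including the rejected decryption, is attributable to a caller without the service ever holding key bytes.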
What is a hardware security module (HSM)?
encryption keys or digital signature solutions require the use of private keys,protecting those keys is critical
key protection
HSM in various form factors:
1- embedded PCI Express Cards
2- standalone ethernet connected devices
3- USB connected devices
public key infrastructures
payment transactions
protect SSL TLS encryption keys 
USB HSM
Network HSM
Offline HSM
creating strong credentials for IoT devices such as gaming consoles, connected vehicles, medical devices
streaming video services rely on HSMs to digitally watermark their content and safeguard against piracy
protect root keys that ensure the authenticity of blockchain participants' digital signatures
  • store keys in tamper-proof box
protect keys from memory scraping
protect keys from theft physically
Hardware HSM - SSL - Apache or any web server uses the HSM for each SSL request
https://www.youtube.com/watch?v=B50CueuoiTU




CIA Triad

 

first to do

confidentiality; authorized users, encryption, IPSec, multifactor authentication

second to do

integrity; data not tampered with, hashing

third to do

availability; access to data for authorized users when they need it, fault-tolerant disks

  • Confidentiality


Confidentiality refers to an organization’s efforts to keep their data private or secret.

Typically, this involves ensuring that only those who are authorized have access to specific assets and that those who are unauthorized are actively prevented from obtaining access.


Confidentiality can be violated in many ways, for example, through direct attacks designed to gain unauthorized access to systems, applications, and databases in order to steal or tamper with data

Network reconnaissance and other types of scans, electronic eavesdropping (via a man-in-the-middle attack), and escalation of system privileges by an attacker are just a few examples.


But confidentiality can also be violated unintentionally through human error, carelessness, or inadequate security controls. Examples include failure (by users or IT security) to adequately protect passwords; sharing of user accounts; physical eavesdropping (also known as shoulder surfing); failure to encrypt data (in process, in transit, and when stored); poor, weak, or nonexistent authentication systems; and theft of physical equipment and storage devices.


Countermeasures to protect confidentiality include data classification and labeling; strong access controls and authentication mechanisms; encryption of data in process, in transit, and in storage; steganography; remote wipe capabilities; and adequate education and training for all individuals with access to data


Integrity


Integrity refers to the quality of something being whole or complete.

In InfoSec, integrity is about ensuring that data has not been tampered with and, therefore, can be trusted. It is correct, authentic, and reliable.


Ensuring integrity involves protecting data in use, in transit (such as when sending an email or uploading or downloading a file), and when it is stored, whether on a laptop, a portable storage device, in the data center, or in the cloud


Integrity can be compromised directly via an attack vector (such as tampering with intrusion detection systems, modifying configuration files, or changing system logs to evade detection) or unintentionally, through human error, lack of care, coding errors, or inadequate policies, procedures, and protection mechanisms.


Countermeasures that protect data integrity include encryption, hashing, digital signatures, digital certificates (trusted certificate authorities (CAs) issue digital certificates to organizations to verify their identity to website users, similar to the way a passport or driver’s license can be used to verify an individual's identity), intrusion detection systems, auditing, version control, and strong authentication mechanisms and access controls.


Note that integrity goes hand in hand with the concept of non-repudiation: the inability to deny something. By using digital signatures in email, for example, a sender cannot deny having sent a message, and the recipient cannot claim the message received was different from the one sent. Non-repudiation assists in ensuring integrity.


Availability


Quite simply, availability means that networks, systems, and applications are up and running. It ensures that authorized users have timely, reliable access to resources when they are needed


Many things can jeopardize availability, including hardware or software failure, power failure, natural disasters, and human error.


Perhaps the most well-known attack that threatens availability is the denial-of-service attack, in which the performance of a system, website, web-based application, or web-based service is intentionally and maliciously degraded, or the system becomes completely unreachable.


Countermeasures to help ensure availability include redundancy (in servers, networks, applications, and services), hardware fault tolerance (for servers and storage), regular software patching and system upgrades, backups, comprehensive disaster recovery plans, and denial-of-service protection solutions.


A key concept to understand about the CIA triad is that prioritizing one or more principles can mean the tradeoff of others.

For example, a system that requires high confidentiality and integrity might sacrifice lightning-speed performance that other systems (such as ecommerce) might value more highly.

 

https://www.f5.com/labs/articles/education/what-is-the-cia-triad 

  • Confidentiality


Protecting confidentiality depends on being able to define and enforce certain access levels for information.


In some cases, doing this involves separating information into various collections that are organized by who needs access to the information and how sensitive that information actually is - i.e. the amount of damage suffered if the confidentiality was breached.


Some of the most common means used to manage confidentiality include access control lists, volume and file encryption, and Unix file permissions.


Integrity


Integrity controls are designed to protect data from deletion or modification by any unauthorized party.


Availability


Authentication mechanisms, access channels and systems all have to work properly to protect the information and ensure it is available when it is needed.


High availability systems are the computing resources that have architectures that are specifically designed to improve availability. Based on the specific HA system design, this may target hardware failures, upgrades or power outages to help improve availability, or it may manage several network connections to route around various network outages.


https://www.forcepoint.com/cyber-edu/cia-triad


  •  The CIA triad is a common model that forms the basis for the development of security systems.

 Its principles are used for finding vulnerabilities and methods for creating solutions.

 It helps guide security teams as they pinpoint the different ways in which they can address each concern.

 

 Confidentiality

 

 Confidentiality involves the efforts of an organization to make sure data is kept secret or private. To accomplish this, access to information must be controlled to prevent the unauthorized sharing of data—whether intentional or accidental

 

 A key component of maintaining confidentiality is making sure that people without proper authorization are prevented from accessing assets important to your business.

 Conversely, an effective system also ensures that those who need to have access have the necessary privileges.

 

 For example, those who work with an organization’s finances should be able to access the spreadsheets, bank accounts, and other information related to the flow of money. However, the vast majority of other employees—and perhaps even certain executives—may not be granted access. To ensure these policies are followed, stringent restrictions have to be in place to limit who can see what.

 

 This may involve direct attacks aimed at gaining access to systems the attacker does not have the rights to see. It can also involve an attacker making a direct attempt to infiltrate an application or database so they can take data or alter it.

 

 Attackers also use techniques such as man-in-the-middle (MITM) attacks, where an attacker positions themselves in the stream of information to intercept data and then either steal or alter it. Some attackers engage in other types of network spying to gain access to credentials. In some cases, the attacker will try to gain more system privileges to obtain the next level of clearance.

 

 Human error or insufficient security controls may be to blame as well. For example, someone may fail to protect their password—either to a workstation or to log in to a restricted area. Users may share their credentials with someone else, or they may allow someone to see their login while they enter it. 

 

  In other situations, a user may not properly encrypt a communication, allowing an attacker to intercept their information. Also, a thief may steal hardware, whether an entire computer or a device used in the login process and use it to access confidential information.

  

  To protect confidentiality, you can classify and label restricted data, enable access control policies, encrypt data, and use multi-factor authentication (MFA) systems. It is also advisable to ensure that all in the organization have the training and knowledge they need to recognize the dangers and avoid them.

  

  Integrity

  

  Integrity involves making sure your data is trustworthy and free from tampering. 

  

  An attacker may bypass an intrusion detection system (IDS), change file configurations to allow unauthorized access, or alter the logs kept by the system to hide the attack.

  

  If the company’s security policies, protections, and procedures are inadequate, integrity can be violated without any one person in the organization being accountable for the blame.

  

  To protect the integrity of your data, you can use hashing, encryption, digital certificates, or digital signatures. For websites, you can employ trustworthy certificate authorities (CAs) that verify the authenticity of your website so visitors know they are getting the site they intended to visit.

  

  A method for verifying integrity is non-repudiation, which refers to when something cannot be repudiated or denied. For example, if employees in your company use digital signatures when sending emails, the fact that the email came from them cannot be denied. Also, the recipient cannot deny that they received the email from the sender.

  

  

  Availability

  

  Even if data is kept confidential and its integrity maintained, it is often useless unless it is available to those in the organization and the customers they serve.

  Individuals with access to specific information must be able to consume it when they need to.

  

  If, for example, there is a power outage and there is no disaster recovery system in place to help users regain access to critical systems, availability will be compromised. Also, a natural disaster like a flood or even a severe snowstorm may prevent users from getting to the office, which can interrupt the availability of their workstations and other devices that provide business-critical information or applications.

  

  Availability can also be compromised through deliberate acts of sabotage, such as the use of denial-of-service (DoS) attacks or ransomware.

  

  To ensure availability, organizations can use redundant networks, servers, and applications.

  

  You can also enhance availability by staying on top of upgrades to software packages and security systems.

  

  Backups and full disaster recovery plans also help a company regain availability soon after a negative event.

  

  The CIA triad provides a simple yet comprehensive high-level checklist for the evaluation of your security procedures and tools.

  

  An effective system satisfies all three components: confidentiality, integrity, and availability. An information security system that is lacking in one of the three aspects of the CIA triad is insufficient.

  

  The  CIA security triad is also valuable in assessing what went wrong—and what worked—after a negative incident. For example, perhaps availability was compromised after a malware attack such as ransomware, but the systems in place were still able to maintain the confidentiality of important information.

  

  However, it is particularly helpful when developing systems around data classification and managing permissions and access privileges.

  

  You should also stringently employ the CIA triad when addressing the cyber vulnerabilities of your organization.

  

  It can be a powerful tool in disrupting the Cyber Kill Chain, which refers to the process of targeting and executing a cyberattack.

  

  The CIA security triad can help you home in on what attackers may be after and then implement policies and tools to adequately protect those assets.

  

  You can use hypothetical scenarios or real-life case studies to help employees think in terms of the maintenance of confidentiality, integrity, and availability of information and systems.

  

  https://www.fortinet.com/resources/cyberglossary/cia-triad#:~:text=The%20three%20letters%20in%20%22CIA,and%20methods%20for%20creating%20solutions.


  • Confidentiality. A system’s ability to ensure that only the correct, authorized user/system/resource can view, access, change, or otherwise use data.
Integrity. A system’s ability to ensure that the system and information is accurate and correct.
Availability. A system’s ability to ensure that systems, information, and services are available the vast majority of time.

Confidentiality

It can play out differently on a personal-use level, where we use VPNs or encryption for our own privacy-seeking sake.

But in enterprise security, confidentiality is breached when an unauthorized person can view, take, and/or change your files.

Integrity

In the data world, it’s known as data trustworthiness—can you trust the results of your data, of your computer systems?

You don’t want bad actors or human error to, on purpose or accidentally, ruin the integrity of your computer systems and their results.

Availability

In security, availability means that the right people have access to your information systems. If a user with privileged access has no access to her dedicated computer, then there is no availability.

The CIA triad is a security model that you can—should—follow in order to protect information stored in on-premises computer systems or in the cloud.

Keep information secret (Confidentiality)
Maintain the expected, accurate state of that information (Integrity)
Ensure your information and services are up and running (Availability)

A data breach attacks the confidentiality of your data.
A ransomware incident attacks the availability of your information systems.

Understanding what is being attacked is how you can build protection against that attack.

Take the case of ransomware—all security professionals want to stop ransomware.
Dynkin says we should view it as an attack designed specifically to limit your availability.
When you think of this as an attempt to limit availability, he told me, you can take additional mitigation steps than you might have if you were only trying to “stop ransomware”.

Authentication: The ability of your systems to confirm an identity.
Non-repudiation or accountability: The ability of your systems to confirm the validity of something that occurs over the system. It is an assurance about data’s origins and integrity.


https://www.bmc.com/blogs/cia-security-triad/