Security Basics mailing list archives

Re: New security Triad

From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Tue, 1 May 2007 20:19:01 +0200

On 2007-04-30 vijaych2779 () gmail com wrote:

I have always been under the impression that the security triad was
CIA (Confidentiality, Integrity and Availability) until I came across
the link http://www.networkworld.com/columnists/2003/0106schwartau.html.
May be this is pretty late to discuss about this question as this
article was posted in 2003. Nevertheless, just wanted to check with
all the security folks out there if the new security TRIAD is indeed
CPP (Cyber, Physical and People).


CIA and CPP are entirely unrelated to each other, because they are
different views on security. CIA focuses on the data, whereas CPP
focuses on the attack plane (which is why I would rather call it TPS -
Technological, Physical, Social).

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

Current thread:

RE: New security Triad David Harley (May 01)
- <Possible follow-ups>
- RE: New security Triad Bob Hodges (May 01)
- Re: New security Triad Ansgar -59cobalt- Wiechers (May 01)
- RE: New security Triad David Gillett (May 01)
- Re: RE: New security Triad vijay . upadhyaya (May 02)