n n n n
2. Parkerian hexad: Where the CIA triad consists of confidentiality, integrity, and availability, the Parkerian hexad
n n n n n n n n n n n n n n
consists of these three principles, as well as possession or control, authenticity, and utility
n n n n n n n n n n n n n n
3. Confidentiality: Refers to our ability to protect our data from those who are not authorized to view it. n n n n n n n n n n n n n n n n n
Confidentialitycanbecompromisedbythelossofa laptopcontainingdata,apersonlookingoverourshoulderwhile we type a
n n n n n n n n n n n n n n n n n n n n n
password, an e-mail attachment being sent to the wrong person, an attacker penetratingour systems, or similar issues.
n n n n n n n n n n n n n n n n n n
4. Integrity: Referstotheabilitytopreventourdatafrombeingchangedinanunauthorizedorundesirable
n n n n n n n n n n n n n n n n
manner.This could mean theunauthorized change ordeletion of ourdata orportions of ourdata, orit could mean an authorized,
n n n n n n n n n n n n n n n n n n n n n n
butundesirable,changeor deletionofour data.Tomaintainintegrity,we notonly needtohavethemeans topreventunauthorized
n n n n n n n n n n n n n n n n n n n n n n
changestoourdatabutalsoneedtheabilitytoreverseauthorizedchangesthat needtobe undone.
n n n n n n n n n n n n n n n n n n
5. Availability: referstotheabilitytoaccessourdatawhenweneedit.Lossofavailabilitycanrefertoawidevariety
n n n n n n n n n n n n n n n n n n n n n
of breaks anywhere in the chain that allows us access to our data. Such issues can result from power loss, operating system or
n n n n n n n n n n n n n n n n n n n n n n
application problems, network attacks, compromise of a system, or other problems. When such issues are caused by an outside
n n n n n n n n n n n n n n n n n n n
party, such as an attacker, they are commonly referred to as a denial of service (DoS) attack.
n n n n n n n n n n n n n n n n n
6. Possession or Control: Referstothephysicaldispositionofthemediaonwhichthedataisstored.This
n n n n n n n n n n n n n n n n n
enablesus,withoutinvolvingotherfactorssuchasavailability,todiscussourlossofthedatainitsphysicalmedium
n n n n n n n n n n n n n n n n n n n
An example is data store be on multiple devices and there could be numerous versions.
n n n n n n n n n n n n n n
7. Authenticity: Attribution asto the owneror creatorof thedatain question. n n n n n n n n n n n n
Authenticity can be enforced through the use of digital signatures.
n n n n n n n n n
8. Utility: Refers to how usefulthe data is to us.
n n n n n n n n n
9. Interception: Interception attacks allow unauthorized users to access our data, applications, or environments and are
n n n n n n n n n n n n n n
primarily an attack against confidentiality. Interception might take the form of unauthorized file viewing or copying,
n n n n n n n n n n n n n n n n
eavesdropping on phone conversations, or reading e-mail, and can be conducted against data at rest or in motion. Properly
n n n n n n n n n n n n n n n n n n n
executed, interception attacks can be very diflcult to detect.
n n n n n n n n n
n n
, AttectsConfidentiality
n
n n