Identity Assurance for Information Assurance
“Information Assurance(IA): definition & explanation” https://www.itgovernanceusa.com/information/information-assurance
A friend suggested me to write something on the message below.
It reads “Information Assurance (IA) is essentially protecting information systems, and is often associated with the following five pillars: Integrity, Availability, Authentication, Confidentiality and Nonrepudiation (in this order).
The five pillars of information assurance can be applied various ways, depending on the sensitivity of your organization’s information or information systems.”
I am not a little concerned that ‘authentication’ is placed on the same plane along with four other pillars., although ‘authentication’ has an especially unique status that four other pillars do not have -
Assume that you are responsible for running a system that is perfectly designed, implemented and operated in view of Integrity, Availability Confidentiality and Nonrepudiation.
The system would turn into the adversaries’ best weapons when your password is stolen by them, as analysed here — “Value of Identity Assurance — Trivial or Significant?” (21Sep2023) https://www.linkedin.com/posts/hitoshikokumai_international-criminal-court-hacked-amid-activity-7110545195355570176-G38i
This critical observation is often overlooked by too many security professionals. I do wish that security experts in democratic societies pay due attention to the crucial role that identity assurance plays for information assurance.
