Does Cryptography support "Availability" or not?

s2008

In page 219 of ISC2 book it says it does not:

Official (ISC)2 Guide to the CISSP CBK - Google Books

While in in page 226 it says it does!

Can someone clarify that for me, does Cryptography support CIA or not?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

s2008

slinuxuzer wrote: »

The only respone I'll make to this is,

1. If you disagree with someone "respectfully" state your reasons and back that up with some logic and explanations of said logic.

2. JD is a very knowledgable and compotent member of TE and takes the time to contribute here he deserves your respect even if you don't think so, he certainly doesn't deserve disrespect.

I can tell you that if you work in this industry and make your living this way you will eventually need some help or advice and I personally use this site and it's members to help me advance my knowledge base there by my career and bank account. Either you don't work in the industry or at a high enough level to see it that way or you haven't realized that yet.

Either way your likely to find yourself needing folks like me and JD at some point, so it's probably in your best interest to play nice.

Ditto that.....

JDMurray

novaterriers wrote: »

omg, what terrible advise....

I didn't offer any "advice," only "opinion."

I'll just come right out and say that any security-related control can support more than one leg of the C-I-A Triad. For example: crypto-based authentication, while it obvious that it supports integrity, also supports availability because of its ability to mitigate the affects of threats in high-risk situations. There are many systems that would be unusable (unavailable) were it not for their cryptographic subsystems.

gladiatorkev

In a way i supports JD's view.

While i completely agree on what is written in the textbook(s).. lets go with one real world example.

If suppose there is a military submarine operating during a war.. transmitting / receiving messages back to the command centre taking instructions and giving its positions...

In such a scenario, if the cryptography component of the encrypted communication breaks down or is broken .. it WILL directly affect the availability of the end resource we are trying to protect. in this case the submarine..

So..maybe not directly as it is not designed to support the function of availability .. in such scenarios, systems.. it does indirectly support / affect availability.

Any thoughts...:)

slinuxuzer

A good one we missed is quantum cryptography, it's my understanding that the act of intercepting this type of data stream destroys the data, this could be seen as one implementation supporting availability.