Security is such a vast topic that even a book to cover it will fall short, let alone a chapter. In this section, we will discuss the base components of security and its definitions.
The core of information security mainly focuses on the CIA triad, which stands for confidentiality, integrity, and availability of data.
The data confidentiality principle dictates that access should be allowed only on a need-to-know basis, which means, by default, block all access and only open access when necessary.
Let's take a banking example to elucidate the principles. Say someone comes into the bank and requests to know your bank balance, and is successful. This would be considered a breach in confidentiality.