What is it?
Availability is simply something that can be acquired, it can refers to people (someone who is free is available) or things (a service in this country isn’t available). It's as though you have a locked bike that can only be unlocked by yourself at a time that you wish to ride on it
The CIA Triad
Availability within The CIA Triad is one of 3 fundamental goals to ensure security, along with Confidentiality and Integrity. It simply means that all assets must be available to the appropriate parties in the appropriate time they wish to use it.
Quick Links
Example - Google Maps
If a user is lost, they use Google Maps to find their way back home, to do this they:
- Open the app
- Set a destination But how about if they can’t connect to Google Maps? This would signify a loss of availability.
Characteristics of Availability
There are many characteristic to determine if a Assets is available:
- It’s useable
- Must make sense
- Should make clear progress
- Some form of indicator to show assets are available
- Completes in a acceptable form of time
- Shouldn’t take too long
- Requests are handled fairly
- There should be no discrimination, for example Two-Tiered Internet
Case Study - The Bronze Soldier of Tallinn
The Bronze Solider of Tallinn was a statue that was moved from central Tallinn to a military cemetery, after this many websites including banking, media, and websites all came under attack, using a Distributed Denial of Service attack for weeks
This means that the DDoS resulted into a loss of availability and as this was dubbed the “most wired” country in Europe, it effectively shutdown Estonia for several weeks and many of the residents couldn’t access critical websites such as banking or government