A security attribute is a goal that a data owner has for their data. This goal is with regard to particular wishes they have for their data in its future use, which may involve third parties.

For example, integrity is a security attribute in which a data owner wants for their data to be unchangeable, and to be able to confirm that this is the case.

The CIA triad is a model of data security attributes which are commonly used to guide approaches to securing systems. Although it is well known, it is not the only model in use. For example, the Parkerian Hexad is another model which adds additional security attributes.

Security policies may have many different goals depending on the needs of the data owner. Although security models like the CIA triad and the Parkerian Hexad exist, more or fewer data security attributes could be needed in order to adequately secure the data under consideration.


Last updated: 2 September 2017