addresses the question, what are you authorized to do? This process governs the resources and operations that the authenticated user has permission to access. Resources include files, databases, tables, rows, and so on. Users can either access the entire resource, a part of the resource, or none of it.

Auditing and logging

guarantees that a user cannot deny an operation or initiate a transaction without the activity being recorded. In cloud applications, this means you log the use of the application or the data store for compliance or other legal reasons. Auditing and logging also lets you spot patterns of use that may indicate a breach and take defensive action.

Confidentiality or privacy,

is the process of making sure that your data remains confidential. This means ensuring that the data cannot be viewed by unauthorized users or eavesdroppers monitoring the flow of traffic across a network. Use encryption to enforce confidentiality, and consider using it whenever data is at rest or moving within a system.


is the guarantee that data is protected from accidental or malicious modification. For example, ensuring that a hacker cannot take money from your bank account without you receiving a notification.