Preserving confidentiality, integrity, and availability of data is a restatement of the concern over interruption, interception, modification, and fabrication. How do the first three concepts relate to the last four? That is, is any of the four equivalent to one or more of the three? Is one of the three encompassed by one or more of the four?

What will be an ideal response?

There is not a good one-­?to-­?one correspondence. Modification is primarily a failure of integrity, although there are aspects of availability (denial of service). Fabrication is probably the closest to being exclusively an integrity violation, although fabrication of covert outputs could be used to leak otherwise confidential data. Interruption is an availability concern, although one can argue that it is also a failure of the integrity of a communication or information flow. Interception primarily results in a breach of confidentiality, although it could also be seen as an attack on availability.

The distinctions drawn here are primarily semantic. There are also possible arguments over whether an incident is a lack of confidentiality or integrity, too. The point is not to split hairs of categorization among the three or four terms but rather to use the terms to envision a broad range of vulnerabilities and threats.