The "Five Pillars of Information Assurance" is a model, prominently used by the U.S. Department of Defense (DoD) and the Committee on National Security Systems (CNSS), that defines the fundamental goals of securing information and systems. It extends the classic security triad by adding two crucial services. The model is explicitly composed of Confidentiality, Integrity, Availability, Authentication, and Non-repudiation. The question's description is a verbatim definition of this model, which aims to provide a comprehensive framework for protecting and defending information assets.

A. Parkerian Hexad: This model includes six, not five, elements: Confidentiality, Integrity, Availability, Possession/Control, Authenticity, and Utility.

C. Capability Maturity Model (CMM): This is a process improvement and maturity model for organizational development, not a model defining core information security services.

D. Classic information security model: This typically refers to the CIA Triad (Confidentiality, Integrity, Availability) and does not include Authentication or Non-repudiation.

1. Committee on National Security Systems (CNSS). (2010). National Information Assurance (IA) Glossary (CNSSI No. 4009). Page 35. The document defines Information Assurance (IA) as: "Measures that protect and defend information and information systems by ensuring their availability

integrity

authentication

confidentiality

and non-repudiation."

2. Wilson

M.

& Hash

J. (2003). Building an Information Technology Security Awareness and Training Program (NIST Special Publication 800-50). National Institute of Standards and Technology. Page 5

Section 2.1. This publication states

"The five goals of IT security are often referred to as the five pillars of information assurance: confidentiality

integrity

availability

non-repudiation

and authentication."

3. Kam

H-J.

& Cho

S-J. (2015). A Study on the Information Security Education Framework for Developing Countries. Journal of Security Engineering

12(6)

607-618. Page 609 discusses the "Five Pillars of Information Security" as Confidentiality

Integrity

Availability

Authentication

and Non-repudiation

citing them as the core components of information assurance education. DOI: https://doi.org/10.14257/jse.2015.12.06

4. Naval Postgraduate School. (2004). CS3670: Secure Computer Systems Course Syllabus. Department of Computer Science. The course objectives explicitly mention understanding the "five pillars of Information Assurance (confidentiality

integrity

availability

non-repudiation

and authentication)." This demonstrates its use in academic curricula for information systems security engineering.