Availability means authorized subjects are granted timely and uninterrupted access to objects. Often, availability protection controls support sufficient bandwidth and timeliness of processing as deemed necessary by the organization or situation. Availability includes efficient uninterrupted access to objects and prevention of denial-of-service (DoS) attacks. Availability also implies that the supporting infrastructure—including network services, communications, and access control mechanisms—is functional and allows authorized users to gain authorized access.
For availability to be maintained on a system, controls must be in place to ensure authorized access and an acceptable level of performance, to quickly handle interruptions, provide for redundancy, maintain reliable backups, and prevent data loss or destruction. 为了维持一个系统的可用性，必须有控制措施，以确保授权访问和可接受的性能水平，快速处理中断，提供冗余，保持可靠的备份，并防止数据丢失或破坏。 There are numerous threats to availability. These include device failure,software errors, and environmental issues (heat, static electricity, flooding, power loss, and soon). Some forms of attack focus on the violation of availability, including DoS attacks, object destruction, and communication interruptions.可用性有许多威胁。这些威胁包括设备故障、软件错误和环境问题（热、静电、洪水、断电等等）。一些攻击形式集中于对可用性的侵犯，包括DoS攻击、对象破坏和通信中断。 Many availability breaches are caused by human error, oversight, or ineptitude. They can also occur because of an oversight in a security policy or a misconfigured security control. 许多可用性漏洞是由人为错误、疏忽或无能造成的。它们也可能因为安全政策的疏忽或安全控制的错误配置而发生。 Numerous counter measures can ensure availability against possible threats.These include designing intermediary delivery systems properly, using access controls effectively,monitoring performance and network traffic, using firewalls and routers to prevent DoS attacks, implementing redundancy for critical systems, and maintaining and testing backup systems. Most security policies, as well as business continuity planning (BCP), focus on the use of fault to lerance features at the various levels of access/storage/security (that is, disk,server, or site) with the goal of eliminating single points of failure to maintain availability of critical systems. 众多的对策可以确保对可能的威胁的可用性。这些措施包括适当地设计中间交付系统，有效地使用访问控制，监控性能和网络流量，使用防火墙和路由器来防止DoS攻击，为关键系统实施冗余，维护和测试备份系统。大多数安全政策以及业务连续性计划（BCP）都集中于在访问/存储/安全的各个层面（即磁盘、服务器或站点）使用容错功能，目的是消除单点故障以保持关键系统的可用性。
Availability depends on both integrity and confidentiality. Without integrity and confidentiality,availability cannot be maintained. Concepts, conditions, and aspects of availability include the following:
Usability: The state of being easy to use or learn or being able to be understood and controlled by a subject
Accessibility: Theassurance that the widest range of subjects can interact with a resource regardless of their capabilities or limitations
Timeliness: Being prompt, on time,within a reasonable time frame, or providing lowlatency response
可用性：经过授权的主体被及时准许和不间断地访问客体。可用性提供了经过授权的主体能够访问数据、客体和资源的高级别保证。可用性包括有效地不间断地访问客体和阻止拒绝服务（Denial Of Services，DoS）攻击。基础结构的正常运作。