When looking at the availability element of the CIA triad, most definitions mention that availability is addressed through ensuring system up-time by using controls such as disaster recovery, business continuity, rate limiting to mitigate DOS(Denial of Service) etc.
Can the availability element also be addressed by ensuring that information is only available to certain users through technical controls such as access control, encryption etc. ?