首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
admin
2020-04-30
43
问题
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (71)________________ our welfare.In online environments we depend on a wide spectrum of things,ranging from computer hardware,software and data to people and organizations.A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions,hence,a trusted entity is the same as an entity that is assumed to function according to policy. A consequence of this is that a trusted component of a system must work correctly in order for the security of that system to hold,meaning that when a trusted (72)________________ fails,then the systems and applications that depend on it can (73)________________ be considered secure.An often cited articulation of this principle is:‘a trusted system or component is one that can break your security policy’(which happens when the trusted system fails).The same applies to a trusted party such as a service provider(SP for short),that is,it must operate according to the agreed or assumed policy in order to ensure the expected level of security and quality of services.A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on.This is because the security of an infrastructure consisting of many trusted components typically follows the principle of the weakest link,that is,in many situations the overall security can only be as strong as the least reliable or least secure of al l the trusted components.We cannot avoid using trusted security components,but the fewer the better.This is important to understand when designing the identity management architectures,that is,fewer the trusted parties in an identity management model,stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital alld computational conceptshelpsindesigningandimplementinglarge scaleonlinemarketsandcommunities,and also plays an important role in the converging mobile and Internet environments.Identity management fdenoted IdM hereafter)is about recognizing and verifying the correctness of identities in online environments.Trust management becomes a component of (74)________________ whenever different parties rely on each other for identity provision and authentication.IdM and trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost,so that having complex trust requirements typically leads to high overhead in establishing the required trust.To reduce costs there will be incentives for stakeholders to‘cut comers’regarding trust requirements,which could lead to inadequate security.The challenge is tO design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed.The establishment of initial (75)________________ usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
选项
A、SP
B、IdM
C、Internet
D、entity
答案
B
解析
转载请注明原文地址:https://kaotiyun.com/show/3MTZ777K
本试题收录于:
信息安全工程师上午基础知识考试题库软考中级分类
0
信息安全工程师上午基础知识考试
软考中级
相关试题推荐
(2012上集管)某企业信息化建设过程中,决策层要对实施计划方案进行择优和取舍,为保证决策的科学性,其主要决策依据是______。
(2011下项管)电子钱包是电子商务购物活动中的______。
(2013上项管)分析成本构成结果,找出各种可以相互替代的成本,协调各种成本之间的关系属于______的内容。
(2012下集管)______技术是确定为了完成项目工作所需要的资源和技能水平的最佳方法
(2005上项管)活动排序的工具和技术有多种,工具和技术的选取由若干因素决定。如果项目经理决定在进度计划编制中使用子网络模板,这个决策意味着______。
(2008下项管)(2009上项管)(2010上项管)某工程包括A、B、C、D、E、F、G七项工作,各工作的紧前工作、所需时间以及所需人数如下表所示(假设每个人均能承担各项工作):该工程的工期应为______(1)天。按此工期,整个工程最少需要____
(2012上项管)某大型布线项目由甲、乙两个项目组成。甲项目场地准备需3天,乙项目场地准备需2天;甲项目施工需5天,乙项目施工需4天。两个项目的场地准备都需要一台专用设备。在只有一台可用的专用设备的情况下,此大型项目至少需要______天才能完成。
(2008下项管)______是企业信息系统的重要目标。
(2009下系管)某网站向CA申请了数字证书,用户通过______来验证网站的真伪。
某公司采用邀请招标的方式选择承建单位,实施过程中发生了如下事件:①该公司向3家单位发出招标邀请函,其中包括该公司的股东公司。②该公司8月1日发出邀请函,要求对方在8月16日提交投标书。③该公司外聘了1名法律专家,连同公司CI
随机试题
系统性红斑狼疮发病机制是
因抢救急危患者未能及时书写病历的,有关医务人员应在抢救结束后多少小时内据实补记,并加以注明
外感病汗出热退身凉者,表示( )。
王某与张某签订了奶牛买卖合同,约定2005年10月1日王某将自家的10头奶牛全部交付给张某,2005年9月30日,其中一头奶牛产下了一头小牛,以下说法不正确的是()
经济适用住房购房人拥有有限产权,购房满10年可转让,但应按照规定缴纳土地收益等价款。()
新增固定资产并生成记账凭证。卡片编号:0001固定资产编码:1501固定资产名称:仓库固定资产类别:房屋及建筑物使用状态:使用中增加方式:直接购入原值:400000元增加日期:2015年7月15日折旧
关系数据库中的视图属于4个数据抽象级别中的()。
______RiverGangesisthemostsacredrivertoHindusandisalsoalifelinetomillionsofIndianswholivealongitscoursea
我国既是一个资源大国,也是一个资源“小国”。()
A=RotherhitheB=BarnesC=WillesdenD=King’sCrossWhichcity...usedtohavelotofproblemssuchasdrugs,streetcri
最新回复
(
0
)