首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
admin
2020-04-30
47
问题
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (71)________________ our welfare.In online environments we depend on a wide spectrum of things,ranging from computer hardware,software and data to people and organizations.A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions,hence,a trusted entity is the same as an entity that is assumed to function according to policy. A consequence of this is that a trusted component of a system must work correctly in order for the security of that system to hold,meaning that when a trusted (72)________________ fails,then the systems and applications that depend on it can (73)________________ be considered secure.An often cited articulation of this principle is:‘a trusted system or component is one that can break your security policy’(which happens when the trusted system fails).The same applies to a trusted party such as a service provider(SP for short),that is,it must operate according to the agreed or assumed policy in order to ensure the expected level of security and quality of services.A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on.This is because the security of an infrastructure consisting of many trusted components typically follows the principle of the weakest link,that is,in many situations the overall security can only be as strong as the least reliable or least secure of al l the trusted components.We cannot avoid using trusted security components,but the fewer the better.This is important to understand when designing the identity management architectures,that is,fewer the trusted parties in an identity management model,stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital alld computational conceptshelpsindesigningandimplementinglarge scaleonlinemarketsandcommunities,and also plays an important role in the converging mobile and Internet environments.Identity management fdenoted IdM hereafter)is about recognizing and verifying the correctness of identities in online environments.Trust management becomes a component of (74)________________ whenever different parties rely on each other for identity provision and authentication.IdM and trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost,so that having complex trust requirements typically leads to high overhead in establishing the required trust.To reduce costs there will be incentives for stakeholders to‘cut comers’regarding trust requirements,which could lead to inadequate security.The challenge is tO design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed.The establishment of initial (75)________________ usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
选项
A、SP
B、IdM
C、Internet
D、entity
答案
B
解析
转载请注明原文地址:https://kaotiyun.com/show/3MTZ777K
本试题收录于:
信息安全工程师上午基础知识考试题库软考中级分类
0
信息安全工程师上午基础知识考试
软考中级
相关试题推荐
(2007下系分)系统可靠性的简单度量是平均故障间隔时间(MTBF),其计算公式是______(1);软件可用性是指在某个给定时间点上程序能够按照需求执行的概率,其定义为______(2)(MTTF:MeanTimeToFailure;MTTR:Me
(2013下项管)以下关于商业智能的说法中,______是不恰当的。
(2010下架构)软件架构是降低成本、改进质量、按时和按需交付产品的关键因素。以下关于软件架构的描述,错误的是______。
(2005上项管)活动排序的工具和技术有多种,工具和技术的选取由若干因素决定。如果项目经理决定在进度计划编制中使用子网络模板,这个决策意味着______。
(2009上项管)某项目的时标网络图如下(时间单位:周),在项目实施过程中,因负责实施的工程师误操作发生了质量事故,需整顿返工,造成工作④-⑥拖延3周,受此影响,工程的总工期会拖延______周。
(2008上项管)下图标明了六个城市(A~F)之间的公路(每条公路旁标注了其长度公里数)。为将部分公路改造成高速公路,使各个城市之间均可通过高速公路通达,至少要改造总计____(1)公里的公路,这种总公里数最少的改造方案共有____(2)个。(2)
(2009下网规)网管人员在监测网络运行状态时,发现下列现象:服务器上有大量的TCP连接,收到了大量源地址各异、用途不明的数据包;服务器收到大量的ARP报文。网管人员的判断是______(1),针对前一现象将采取的措施是______(2),针对后一现象可能
(2010下软设)公钥体系中,私钥用于____(1),公钥用于____(2)。(1)
(2009下网规)很多通信使用对称密钥加密方法,其中共享密钥的分发过程是保证安全的重要环节之一,可用于在用户甲和乙之间分发共享密钥的方案是______。
(2011上集管)在某次针对数据库的信息安全风险评估中,发现其中对财务核心数据的逻辑访问密码长期不变。基于以上现象,下列说法正确的是______。
随机试题
《源氏物语》中的人物有_________、__________、__________、_________、___________。
下列关于周围型肺癌毛刺征的描述,不正确的是
患者,女性,25岁,已婚,有原发性痛经史,1年内无生育计划,治疗其原发性痛经最好选用()
()不属于会计软件。
某事业单位的下列资产中,需要计提坏账准备的有()。
出租人在租赁期内对于租赁物()。
党的十八届五中全会提出了“十三五”时期我国发展的指导思想:高举中国特色社会主义伟大旗帜,全面贯彻党的十八大和十八届三中、四中全会精神,以马克思列宁主义、毛泽东思想、邓小平理论、“三个代表”重要思想、科学发展观为指导,深入贯彻习近平总书记系列重要讲话精神,坚
为达到把a、b中的值交换后输出的目的,某人编程如下:PrivateSubCommand1_Click()a%=10:b%=20Callswap(a,b)Printa,bEndSubPri
A、Shedesirestolookyounger.B、Sheisexcitedthatshelooksmature.C、Shedoesn’thaveaproblemwithherage.D、Shewishess
Onlythehardiestanimals______(才能在严寒中生存).
最新回复
(
0
)