首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
admin
2020-04-30
52
问题
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (71)________________ our welfare.In online environments we depend on a wide spectrum of things,ranging from computer hardware,software and data to people and organizations.A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions,hence,a trusted entity is the same as an entity that is assumed to function according to policy. A consequence of this is that a trusted component of a system must work correctly in order for the security of that system to hold,meaning that when a trusted (72)________________ fails,then the systems and applications that depend on it can (73)________________ be considered secure.An often cited articulation of this principle is:‘a trusted system or component is one that can break your security policy’(which happens when the trusted system fails).The same applies to a trusted party such as a service provider(SP for short),that is,it must operate according to the agreed or assumed policy in order to ensure the expected level of security and quality of services.A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on.This is because the security of an infrastructure consisting of many trusted components typically follows the principle of the weakest link,that is,in many situations the overall security can only be as strong as the least reliable or least secure of al l the trusted components.We cannot avoid using trusted security components,but the fewer the better.This is important to understand when designing the identity management architectures,that is,fewer the trusted parties in an identity management model,stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital alld computational conceptshelpsindesigningandimplementinglarge scaleonlinemarketsandcommunities,and also plays an important role in the converging mobile and Internet environments.Identity management fdenoted IdM hereafter)is about recognizing and verifying the correctness of identities in online environments.Trust management becomes a component of (74)________________ whenever different parties rely on each other for identity provision and authentication.IdM and trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost,so that having complex trust requirements typically leads to high overhead in establishing the required trust.To reduce costs there will be incentives for stakeholders to‘cut comers’regarding trust requirements,which could lead to inadequate security.The challenge is tO design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed.The establishment of initial (75)________________ usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
选项
A、with
B、on
C、of
D、for
答案
D
解析
转载请注明原文地址:https://kaotiyun.com/show/jMTZ777K
本试题收录于:
信息安全工程师上午基础知识考试题库软考中级分类
0
信息安全工程师上午基础知识考试
软考中级
相关试题推荐
(2007下系分)系统可靠性的简单度量是平均故障间隔时间(MTBF),其计算公式是______(1);软件可用性是指在某个给定时间点上程序能够按照需求执行的概率,其定义为______(2)(MTTF:MeanTimeToFailure;MTTR:Me
(2013下集管)网上订票系统为每一位订票者提供了方便快捷的购票业务。这种电子商务的类型属于______。
(2009下项管)下列技术规范中,______不是软件中间件的技术规范。
(2010下项管)项目进行过程中,客户要求进度提前,围绕整体变更管理,项目经理以下做法,正确的是______。
(2014下项管)项目中每个成员都负有成本责任。以下关于成本控制对项目人员要求的叙述中,______是不正确的。
(2005上项管)当评估项目的成本绩效数据时,根据数据与基线的偏差程度将作出不同的反应。例如,10%的偏差可能不需作出反应,而100%的偏差将需要进行调查,对成本偏差的判断会使用______。
(2013上项管)下图中,从A到E的最短长度是______(图中每条边旁的数字为该条边的长度)。
(2009上网工)两个公司希望通过Internet传输大量敏感数据,从信息源到目的地之间的传输数据以密文形式出现,而且不希望由于在传输结点使用特殊的安全单元而增加开支,最合适的加密方式是______(1),使用会话密钥算法效率最高的是______(2)。
(2009上集管)既可能带来机会、获得利益,又隐含威胁、造成损失的风险,称为______。
(2006下项管)802.11标准定义了3种物理层通信技术,这3种技术不包括______。
随机试题
决策主体的因素一般包括()
A.FT3B.TT3C.FT4D.TT4E.TSH原发性甲状腺功能减退症最早出现异常的是
对明渠恒定均匀流,在已知通过流量Q、渠道底坡i、边坡系数m及粗糙系数n的条件下,计算梯形断面渠道尺寸的补充条件及设问不能是:
关于合同形式的说法,正确的是()。
预算定额中的人工工日消耗量可采用( )来确定。
在Word文档中,要想产生段落标记,应该输入()。
下列收入中,应征增值税的是( )。
下列应税销售行为,一般纳税人可以选择简易计税方法计税的有()。
在“首届京剧旦角最佳演员”的评选中,梅兰芳、程砚秋、尚小云、()当选,被誉为京剧“四大名旦"。
《中华人民共和国行政复议法》规定,()可以作为第三人参加行政复议。
最新回复
(
0
)