首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
admin
2020-04-30
46
问题
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (71)________________ our welfare.In online environments we depend on a wide spectrum of things,ranging from computer hardware,software and data to people and organizations.A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions,hence,a trusted entity is the same as an entity that is assumed to function according to policy. A consequence of this is that a trusted component of a system must work correctly in order for the security of that system to hold,meaning that when a trusted (72)________________ fails,then the systems and applications that depend on it can (73)________________ be considered secure.An often cited articulation of this principle is:‘a trusted system or component is one that can break your security policy’(which happens when the trusted system fails).The same applies to a trusted party such as a service provider(SP for short),that is,it must operate according to the agreed or assumed policy in order to ensure the expected level of security and quality of services.A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on.This is because the security of an infrastructure consisting of many trusted components typically follows the principle of the weakest link,that is,in many situations the overall security can only be as strong as the least reliable or least secure of al l the trusted components.We cannot avoid using trusted security components,but the fewer the better.This is important to understand when designing the identity management architectures,that is,fewer the trusted parties in an identity management model,stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital alld computational conceptshelpsindesigningandimplementinglarge scaleonlinemarketsandcommunities,and also plays an important role in the converging mobile and Internet environments.Identity management fdenoted IdM hereafter)is about recognizing and verifying the correctness of identities in online environments.Trust management becomes a component of (74)________________ whenever different parties rely on each other for identity provision and authentication.IdM and trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost,so that having complex trust requirements typically leads to high overhead in establishing the required trust.To reduce costs there will be incentives for stakeholders to‘cut comers’regarding trust requirements,which could lead to inadequate security.The challenge is tO design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed.The establishment of initial (75)________________ usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
选项
A、with
B、on
C、of
D、for
答案
D
解析
转载请注明原文地址:https://kaotiyun.com/show/jMTZ777K
本试题收录于:
信息安全工程师上午基础知识考试题库软考中级分类
0
信息安全工程师上午基础知识考试
软考中级
相关试题推荐
(2009下集管)______是通过对商业信息的搜集、管理和分析,使企业的各级决策者获得知识或洞察力,促使他们做出有利决策的一种技术。
(2014下集管)______不属于电子商务基础设施。
(2011下项管)用一系列软件的修改来评价软件体系结构的易修改性,属于基于______的软件体系结构评估方式。
(2010上集管)小王在公司局域网中用Delphi编写了客户端应用程序,其后台数据库使用MSNT4+SQLServer,应用程序通过ODBC连接到后台数据库。此处的ODBC是______。
(2011上集管)某项目经理在进行成本估算时采用______方法,制定出如下的人力资源成本估算表。
(2008上项管)以下关于成本估算的说法错误的是______。
(2013下集管)配置管理描述了应用技术和行政管理指示的监督的程序,______不属于配置中实施的任务。
(2007上网工)采用Kerberos系统进行认证时,可以在报文中加入______来防止重放攻击。
(2007下项管)在面向对象方法中,对象可看成属性(数据)以及这些属性上的专用操作的封装体。封装是一种_____(1)技术。类是一组具有相同属性和相同操作的对象之集合,类的每个对象都是这个类的一个_____(2)。(1)
某公司采用邀请招标的方式选择承建单位,实施过程中发生了如下事件:①该公司向3家单位发出招标邀请函,其中包括该公司的股东公司。②该公司8月1日发出邀请函,要求对方在8月16日提交投标书。③该公司外聘了1名法律专家,连同公司CI
随机试题
Windows把所有的系统环境设置功能都统一到()。
患者腹大坚满,脘腹绷急,烦热口苦,渴不欲饮,小便短赤,便溏不爽,舌红苔黄腻。脉滑数。其证候是
某人3日前出现鼻塞、流清水样鼻涕、喷嚏、咽痛等症状,无发热及全身症状,医生向病人解释这只是普通感冒,嘱咐多饮水及注意休息,下列描述中错误的是()。
某政府机关在城市繁华地段建一幢办公楼。在施工招标文件的附件中要求投标人具有垫资能力,并写明:投标人承诺垫资每增加500万元的,评标增加1分。某施工总承包单位中标后,因设计发生重大变化,需要重新办理审批手续。为了不影响按期开工,建设单位要求施工总承包单位按照
企业当月销售A产品300件,每件生产成本100元;B产品400件,每件生产成本300元,结转其主营业务成本,会计分录为()。
(2012年)甲公司和乙公司均为增值税一般纳税人,适用的增值税税率均为17%。甲公司于2009年9月30日向乙公司销售一批产品,应收乙公司的货款为2340万元(含增值税)。乙公司同日开出一张期限为6个月,票面年利率为8%的商业承兑汇票。在票据到期日,乙公司
用二维表结构表示实体以及实体间联系的数据模型称为()。
(1)市场调查(2)扭亏为盈(3)聘请专家(4)企业亏损(5)制订政策
党在社会主义初级阶段的路线可以概括为()。
通常下图所表示的情绪理论是()。(2018年)
最新回复
(
0
)