首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
admin
2020-04-30
53
问题
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (71)________________ our welfare.In online environments we depend on a wide spectrum of things,ranging from computer hardware,software and data to people and organizations.A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions,hence,a trusted entity is the same as an entity that is assumed to function according to policy. A consequence of this is that a trusted component of a system must work correctly in order for the security of that system to hold,meaning that when a trusted (72)________________ fails,then the systems and applications that depend on it can (73)________________ be considered secure.An often cited articulation of this principle is:‘a trusted system or component is one that can break your security policy’(which happens when the trusted system fails).The same applies to a trusted party such as a service provider(SP for short),that is,it must operate according to the agreed or assumed policy in order to ensure the expected level of security and quality of services.A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on.This is because the security of an infrastructure consisting of many trusted components typically follows the principle of the weakest link,that is,in many situations the overall security can only be as strong as the least reliable or least secure of al l the trusted components.We cannot avoid using trusted security components,but the fewer the better.This is important to understand when designing the identity management architectures,that is,fewer the trusted parties in an identity management model,stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital alld computational conceptshelpsindesigningandimplementinglarge scaleonlinemarketsandcommunities,and also plays an important role in the converging mobile and Internet environments.Identity management fdenoted IdM hereafter)is about recognizing and verifying the correctness of identities in online environments.Trust management becomes a component of (74)________________ whenever different parties rely on each other for identity provision and authentication.IdM and trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost,so that having complex trust requirements typically leads to high overhead in establishing the required trust.To reduce costs there will be incentives for stakeholders to‘cut comers’regarding trust requirements,which could lead to inadequate security.The challenge is tO design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed.The establishment of initial (75)________________ usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
选项
A、with
B、on
C、of
D、for
答案
D
解析
转载请注明原文地址:https://kaotiyun.com/show/jMTZ777K
本试题收录于:
信息安全工程师上午基础知识考试题库软考中级分类
0
信息安全工程师上午基础知识考试
软考中级
相关试题推荐
(2007下项管)信息系统工程监理实行______。
(2010下监理)______可组成BI(商业智能)系统。
(2010下集管)某公司最近承接了一个大型信息系统项目,项目整体压力较大,对这个项目中的变更,可以使用______等方式提高效率。①分优先级处理;②规范处理;③整批处理;④分批处理
(2005上项管)在距离矢量路由协议中,防止路由循环的技术是______。
(2010上集管)可以实现在Internet上任意两台计算机之间传输文件的协议是______。
(2010上系分)某学校运动会准备安排8个项目(命名为A,B,…,H)的决赛,16个团队(编号为1,2,…,16)参加决赛的项目如下表(*表示相应的团队将参加相应的决赛):运动会组委会希望妥善安排这8个项目决赛顺序的方案,使每个团队不会连续参加
(2005上项管)关于kerberos和PKI两种认证协议的叙述中正确的是______(1),在使用kerberos认证时,首先向密钥分发中心发送初始票据______(2)来请求会话票据,以便获取服务器提供的服务。(2)
(2008下网工)下列安全协议中,______能保证交易双方无法抵赖。
(2009上集管)既可能带来机会、获得利益,又隐含威胁、造成损失的风险,称为______。
某采购人在履行采购金额为1000万元的政府采购合同中,需要追加与该合同标的相同的货物。根据相关法律,在不改变合同其他条款的前提下,下列说法中正确的是()。
随机试题
《诸病源候论》是我国第一部论述病源和证候诊断的巨著,此书的作者是()(1995年第14题)
工业化是推进城镇化的重要支撑,而城镇化必然要依靠相关产业的支持。没有工业化的进一步发展,城镇化就失去了最坚强的后盾。由此可以推出()。
仲裁型质量监督包括【】
“百团大战”的重要意义是()
细胞内ATP/AMP比值增加可以抑制
癌细胞多形性是下列哪项的标志
护理急性感染性多发性神经炎病人应防止何种并发症的发生以免危及生命
下列各项中,符合会计要素收入定义的是()。
以下地址中不属于网络100.10.96.0/20的主机地址是()。
下列选项中,关于交换机的描述不正确的是()。
最新回复
(
0
)