首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
admin
2020-04-30
40
问题
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (71)________________ our welfare.In online environments we depend on a wide spectrum of things,ranging from computer hardware,software and data to people and organizations.A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions,hence,a trusted entity is the same as an entity that is assumed to function according to policy. A consequence of this is that a trusted component of a system must work correctly in order for the security of that system to hold,meaning that when a trusted (72)________________ fails,then the systems and applications that depend on it can (73)________________ be considered secure.An often cited articulation of this principle is:‘a trusted system or component is one that can break your security policy’(which happens when the trusted system fails).The same applies to a trusted party such as a service provider(SP for short),that is,it must operate according to the agreed or assumed policy in order to ensure the expected level of security and quality of services.A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on.This is because the security of an infrastructure consisting of many trusted components typically follows the principle of the weakest link,that is,in many situations the overall security can only be as strong as the least reliable or least secure of al l the trusted components.We cannot avoid using trusted security components,but the fewer the better.This is important to understand when designing the identity management architectures,that is,fewer the trusted parties in an identity management model,stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital alld computational conceptshelpsindesigningandimplementinglarge scaleonlinemarketsandcommunities,and also plays an important role in the converging mobile and Internet environments.Identity management fdenoted IdM hereafter)is about recognizing and verifying the correctness of identities in online environments.Trust management becomes a component of (74)________________ whenever different parties rely on each other for identity provision and authentication.IdM and trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost,so that having complex trust requirements typically leads to high overhead in establishing the required trust.To reduce costs there will be incentives for stakeholders to‘cut comers’regarding trust requirements,which could lead to inadequate security.The challenge is tO design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed.The establishment of initial (75)________________ usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
选项
A、entity
B、person
C、component
D、thing
答案
C
解析
转载请注明原文地址:https://kaotiyun.com/show/kMTZ777K
本试题收录于:
信息安全工程师上午基础知识考试题库软考中级分类
0
信息安全工程师上午基础知识考试
软考中级
相关试题推荐
(2011上项管)某项目的可行性报告中有如下描述:“……为了规避风险,采用模块化开发的方法,即每个模块可以单独开发与销售,放到整个系统中又可以与其他模块协同工作,能够有效降低开发成本与风险…项目采用面向对象的、模块化的建模与开发方法,主体采用B/S结构,使
(2009下架构)软件架构贯穿于软件的整个生命周期,但在不同阶段对软件架构的关注力度并不相同,在______阶段,对软件架构的关注最多。
(2005下项管)某项目的项目范围已经发生变更,因此成本基线也将发生变更,项目经理需要尽快______。
(2011上集管)软件开发项目规模度量(SizeMeasurement)是估算软件项目工作量、编制成本预算、策划合理项目进度的基础。在下列方法中,______可用于软件的规模估算,帮助软件开发团队把握开发时间、费用分布等。
(2009下项管)下列选项中,项目经理进行成本估算时不需要考虑的因素是______。
(2012下集管)______技术是确定为了完成项目工作所需要的资源和技能水平的最佳方法
(2011上项管)根据《软件工程术语GB/T11457-2006》规定,基线是业已经过正式审核与同意,可用作下一步开发的基础,并且只有通过正式的修改管理步骤方能加以修改的规格说明或产品。对于配置管理,有以下三种基线:功能基线、______和产品基线。
(2007下项管)CMMI提供了两种模型表述方式:“连续式”和“阶段式”。以下说法中正确的是______。
(2009上集管)(2008上项管)在项目管理的下列四类风险类型中,对用户来说如果没有管理好,______将会造成最长久的影响。
IP安全性(IP Security,IPSec)提供了在局域网、广域网和因特网中安全通信能力。关于IP安全性下列说法不正确的是(28)。
随机试题
导致程序失效的因素包括:_______、_______、_______、_______。
下列卵巢非赘生性囊肿临床表现和声像图特征,错误的是
患者,女,26岁,G2P0,孕31周。恶心、呕吐伴不规律下腹坠痛10小时而入院。一般情况尚可,T37.3℃,BP120/80mmHg,P90次/min,R20次/min;心肺未见异常,妊娠腹型,肝脾未及,剑突下右侧轻压痛,无反跳痛,麦氏点无压痛。有
与心相合为
全程跟单是指“跟”到货款到账、合同履行完毕为止。()
以抗日为主题的各种形式的文学创作成为吉林现代文学的主线是从()后开始的。
迷信实质上就是把某个理论、事物奉为永恒不变的东西而不加分析地盲从,迷信绝不是封建时代的特产。任何时候,只要我们把某个人的思想、某种理论当成万能不变的法宝,不假思索地接受,迷信活动都可能形成。盲从的意识就会继续左右人们的行为。而要彻底根除迷信、消除盲从,仅仅
公共危机舆论管理中,柔性同刚性之间既存在矛盾,又相互借鉴,刚性需要柔性来填充,柔性需要刚性做支撑。形象地说,刚性是骨架,柔性是血肉。倡导柔性管理,不是全盘否定刚性管理的价值,而是要弥补其过于刻板、缺乏弹性等方面的不足。《周易》中说,“刚柔相推,崇德广业”。
关于法律意识,下列表述错误的是()
若有以下程序段:structstmain(){intn;{structst*p;int*m;p=s;};…inta=2,b=3,c=5;}structsts[3]=({101,&a},{102,&c},{103,
最新回复
(
0
)