首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
admin
2020-04-30
41
问题
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (71)________________ our welfare.In online environments we depend on a wide spectrum of things,ranging from computer hardware,software and data to people and organizations.A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions,hence,a trusted entity is the same as an entity that is assumed to function according to policy. A consequence of this is that a trusted component of a system must work correctly in order for the security of that system to hold,meaning that when a trusted (72)________________ fails,then the systems and applications that depend on it can (73)________________ be considered secure.An often cited articulation of this principle is:‘a trusted system or component is one that can break your security policy’(which happens when the trusted system fails).The same applies to a trusted party such as a service provider(SP for short),that is,it must operate according to the agreed or assumed policy in order to ensure the expected level of security and quality of services.A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on.This is because the security of an infrastructure consisting of many trusted components typically follows the principle of the weakest link,that is,in many situations the overall security can only be as strong as the least reliable or least secure of al l the trusted components.We cannot avoid using trusted security components,but the fewer the better.This is important to understand when designing the identity management architectures,that is,fewer the trusted parties in an identity management model,stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital alld computational conceptshelpsindesigningandimplementinglarge scaleonlinemarketsandcommunities,and also plays an important role in the converging mobile and Internet environments.Identity management fdenoted IdM hereafter)is about recognizing and verifying the correctness of identities in online environments.Trust management becomes a component of (74)________________ whenever different parties rely on each other for identity provision and authentication.IdM and trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost,so that having complex trust requirements typically leads to high overhead in establishing the required trust.To reduce costs there will be incentives for stakeholders to‘cut comers’regarding trust requirements,which could lead to inadequate security.The challenge is tO design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed.The establishment of initial (75)________________ usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
选项
A、entity
B、person
C、component
D、thing
答案
C
解析
转载请注明原文地址:https://kaotiyun.com/show/kMTZ777K
本试题收录于:
信息安全工程师上午基础知识考试题库软考中级分类
0
信息安全工程师上午基础知识考试
软考中级
相关试题推荐
(2014下集管)在项目可行性研究报告编写、提交和获得批准之前,首先要进行初步可行性研究。初步可行性研究的目的是______。
(2010下架构)某游戏公司欲开发一个大型多人即时战略游戏,游戏设计的目标之一是能够支持玩家自行创建战役地图,定义游戏对象的行为和之间的关系。针对该目标,公司应该采用______架构风格最为合适。
(2011下集管)某项目小组在定义项目的工作构成时,设计了一份材料清单来代替工作分解结构WBS,客户在对材料清单进行评审时,发现其中缺少一项会导致范围变更的需求,后来这一变更需求被补充了进去。造成这次范围变更的主要原因是______。
(2011下集管)某大型系统集成项目由多个不同的承包商协作完成,项目涉及了分别代表7家公司的24名主要干系人,项目经理陈某直接管理的团队有7名项目小组长,每个项目小组长负责一支约15人的工作组。陈某意识到必须特别注意进行有效的整体变更控制,这表明他最应该关
(2014下项管)根据《软件工程术语GB/T11457-2006》的定义,连接两个或多个其它部件,能为相互间传递信息的硬件或软件部件叫做______。
(2012上网工)802.11在MAC层采用了______协议。
(2006下项管)在信息安全保障系统的S-MIS体系架构中,“安全措施和安全防范设备”层不涉及______。
(2014下集管)某系统集成项目的项目经理需采购第三方软件插件。在编制询价计划时,由于待采购软件插件比较专业,为了更加明确采购需求,该项目经理需要使用的文件为______。
(2009上集管)合同法律关系是指由合同法律规范调整的在民事流转过程中形成的______。
某公司采用邀请招标的方式选择承建单位,实施过程中发生了如下事件:①该公司向3家单位发出招标邀请函,其中包括该公司的股东公司。②该公司8月1日发出邀请函,要求对方在8月16日提交投标书。③该公司外聘了1名法律专家,连同公司CI
随机试题
长为l、重为P的均质杆OA以球铰链O固定,已知杆运动到最低位置时的角速度为ω,如图所示。则杆与铅直线的交角为θ时,杆的动能为()。
研究人员以某大型科技公司办公区为观察对象,探索工作场所各方面因素对员工工作效率的影响。研究者发现,与坐在墙旁的人相比,位置靠窗的员工工作效率更高,精力更集中,座位面对整个房间,且视线范围内的办公桌相对较少的员工更加专注和高效。研究人员认为,办公室布局会影响
CO2气体保护焊有哪些焊接参数?
固定业户纳税人申报缴纳增值税的纳税地点________。
下列哪项不是子宫内膜癌的辅助诊断检查
A.胰岛素释放试验B.尿糖C.糖化血红蛋白D.葡萄糖耐量试验E.空腹血糖诊断糖耐量异常的指标是
关于混合层高度正确的是( )。
请结合资料12的内容,选出下列各项中与资料12中大学生观点一致的项,并说明和谁的观点一致及原因。要求:简练,准确,具体,字数在200字以内。A.农村有祖国美丽的山川、田野,我喜欢在农村生活工作,一点也不喜欢城市;B.我是土生土长的农村人,农
A、 B、 C、 D、 B分子分母交替变化。
GreatDepressionI.ThedefinitionofgreatdepressionA.definition:a【T1】______depression【T1】______B.place:America,tri
最新回复
(
0
)