首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
admin
2020-04-30
42
问题
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (71)________________ our welfare.In online environments we depend on a wide spectrum of things,ranging from computer hardware,software and data to people and organizations.A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions,hence,a trusted entity is the same as an entity that is assumed to function according to policy. A consequence of this is that a trusted component of a system must work correctly in order for the security of that system to hold,meaning that when a trusted (72)________________ fails,then the systems and applications that depend on it can (73)________________ be considered secure.An often cited articulation of this principle is:‘a trusted system or component is one that can break your security policy’(which happens when the trusted system fails).The same applies to a trusted party such as a service provider(SP for short),that is,it must operate according to the agreed or assumed policy in order to ensure the expected level of security and quality of services.A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on.This is because the security of an infrastructure consisting of many trusted components typically follows the principle of the weakest link,that is,in many situations the overall security can only be as strong as the least reliable or least secure of al l the trusted components.We cannot avoid using trusted security components,but the fewer the better.This is important to understand when designing the identity management architectures,that is,fewer the trusted parties in an identity management model,stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital alld computational conceptshelpsindesigningandimplementinglarge scaleonlinemarketsandcommunities,and also plays an important role in the converging mobile and Internet environments.Identity management fdenoted IdM hereafter)is about recognizing and verifying the correctness of identities in online environments.Trust management becomes a component of (74)________________ whenever different parties rely on each other for identity provision and authentication.IdM and trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost,so that having complex trust requirements typically leads to high overhead in establishing the required trust.To reduce costs there will be incentives for stakeholders to‘cut comers’regarding trust requirements,which could lead to inadequate security.The challenge is tO design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed.The establishment of initial (75)________________ usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
选项
A、entity
B、person
C、component
D、thing
答案
C
解析
转载请注明原文地址:https://kaotiyun.com/show/kMTZ777K
本试题收录于:
信息安全工程师上午基础知识考试题库软考中级分类
0
信息安全工程师上午基础知识考试
软考中级
相关试题推荐
(2010上项管)某企业针对“新一代网络操作系统”开发项目进行可行性论证。在论证的最初阶段,一般情况下不会涉及到______。
(2014下集管)______不属于电子商务基础设施。
(2009下架构)电子数据交换(EDI)是电子商务活动中采用的一种重要的技术手段。以下关于EDI的叙述中,错误的是______。
(2008下项管)(2009上项管)(2010上项管)某工程包括A、B、C、D、E、F、G七项工作,各工作的紧前工作、所需时间以及所需人数如下表所示(假设每个人均能承担各项工作):该工程的工期应为______(1)天。按此工期,整个工程最少需要____
(2006下网工)ARP协议的作用是____(1),ARP报文封装在_____(2)中传送。(1)
(2010下软评)以下关于软件生命周期的叙述不正确的是______。
(2009上网工)两个公司希望通过Internet传输大量敏感数据,从信息源到目的地之间的传输数据以密文形式出现,而且不希望由于在传输结点使用特殊的安全单元而增加开支,最合适的加密方式是______(1),使用会话密钥算法效率最高的是______(2)。
(2008下项管)权变措施是在风险管理的______过程确定的。
(2009下集管)承建单位有时为了获得项目可能将信息系统的作用过分夸大,使得建设单位对信息系统的预期过高。除此之外,建设单位对信息系统的期望可能会随着自己对系统的熟悉而提高。为避免此类情况的发生,在合同中清晰地规定______对双方都是有益的。
Sometimes the processes in which people are engaged are dependent upon other processes being completed first, possibly by other
随机试题
风湿热的发病机制中下列哪项是不恰当的
28岁,初孕妇,妊娠39周,肋下有块状物,子宫呈纵椭圆形,胎先露部较软且不规则,胎心在脐上偏左
根据我国增值税法的规定,增值税的征税范围包括:()。
统一拆迁是由掌握拆迁政策、法规及具备拆迁技术的拆迁人,实施本单位建设项目的房屋拆迁工作。()
事业单位购入的固定资产,其成本包括购买价款、相关税费以及固定资产交付使用前所发生的可归属于该项资产的运输费、装卸费、安装调试费和专业人员服务费。()
某企业2016年利润总额为300万元,当年为开发新产品发生的研发费用为50万元(未形成无形资产,计入当期损益)。假设除此之外无其他纳税调整事项,税法规定研发费用可实行加计扣除政策,已知企业所得税税率为25%。则该企业2016年应缴纳企业所得税()
期望效应说明()
哲学基本问题的第一方面即物质和精神何者为第一性问题是()。
OffersWe’llrefund3XthedifferenceWithournewPRICEWATCHpromiseonselecteditemsweaimtoofferthe
A、Itwillbringherpotentialintofullplay.B、Itwillinvolvelotsoftraintravel.C、ItwillenablehertoimproveherChines
最新回复
(
0
)