首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (
admin
2020-04-30
33
问题
Trust is typically interpreted as a subjective belief in the reliability,honesty and security of an entity on which we depend (71)________________ our welfare.In online environments we depend on a wide spectrum of things,ranging from computer hardware,software and data to people and organizations.A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions,hence,a trusted entity is the same as an entity that is assumed to function according to policy. A consequence of this is that a trusted component of a system must work correctly in order for the security of that system to hold,meaning that when a trusted (72)________________ fails,then the systems and applications that depend on it can (73)________________ be considered secure.An often cited articulation of this principle is:‘a trusted system or component is one that can break your security policy’(which happens when the trusted system fails).The same applies to a trusted party such as a service provider(SP for short),that is,it must operate according to the agreed or assumed policy in order to ensure the expected level of security and quality of services.A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on.This is because the security of an infrastructure consisting of many trusted components typically follows the principle of the weakest link,that is,in many situations the overall security can only be as strong as the least reliable or least secure of al l the trusted components.We cannot avoid using trusted security components,but the fewer the better.This is important to understand when designing the identity management architectures,that is,fewer the trusted parties in an identity management model,stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital alld computational conceptshelpsindesigningandimplementinglarge scaleonlinemarketsandcommunities,and also plays an important role in the converging mobile and Internet environments.Identity management fdenoted IdM hereafter)is about recognizing and verifying the correctness of identities in online environments.Trust management becomes a component of (74)________________ whenever different parties rely on each other for identity provision and authentication.IdM and trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost,so that having complex trust requirements typically leads to high overhead in establishing the required trust.To reduce costs there will be incentives for stakeholders to‘cut comers’regarding trust requirements,which could lead to inadequate security.The challenge is tO design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed.The establishment of initial (75)________________ usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
选项
A、no longer
B、never
C、always
D、often
答案
A
解析
转载请注明原文地址:https://kaotiyun.com/show/tMTZ777K
本试题收录于:
信息安全工程师上午基础知识考试题库软考中级分类
0
信息安全工程师上午基础知识考试
软考中级
相关试题推荐
(2009下架构)软件架构需求是指用户对目标软件系统在功能、行为、性能、设计约束等方面的期望。以下活动中,不属于软件架构需求过程范畴的是______。
(2014下集管)项目的成本估算要经过识别并分析成本的构成科目、估算每一科目的成本大小、分析成本估算结果三个步骤。在第一个步骤中无法形成的是______。
(2005下项管)(2006上系管)上某市标准化行政主管部门制定并发布的工业产品安全的地方标准,在其行政区域内是______。
(2010上集管)可以实现在Internet上任意两台计算机之间传输文件的协议是______。
(2005下项管)在下列网络服务中,_______(1)是远程登录服务,Internet中域名与IP地址之间的翻译是由______(2)来完成的。(1)
(2008上项管)常见的软件开发模型有瀑布模型、演化模型、螺旋模型、喷泉模型等。其中_______(1)适用于需求明确或很少变更的项目,_______(2)主要用来描述面向对象的软件开发过程。(2)
(2010下集管)在几种不同类型的软件维护中,通常情况下______所占的工作量最大。
(2007下项管)在面向对象方法中,对象可看成属性(数据)以及这些属性上的专用操作的封装体。封装是一种_____(1)技术。类是一组具有相同属性和相同操作的对象之集合,类的每个对象都是这个类的一个_____(2)。(1)
(2006下项管)802.11标准定义了3种物理层通信技术,这3种技术不包括______。
For users, microkernel technology promises(90), compact and sophisticated operating systems that are typically(91)across a range
随机试题
下列何种情况下药物在远曲小管重吸收率高而排泄慢:
胸部侧位标准片所见,描述错误的是
某患者,长久站立不动,一只胳膊上举,一只胳膊环抱脖子,达数小时。患者对周围环境充耳不闻,对任何让他变换姿势的命令均不服从。该症状常见于哪种疾病
英国在新城运动中具有代表性的城市有:
下列关于诉讼时效的说法正确的有()。
回归系数检验不显著的原因主要有()。Ⅰ.变量之间的多承共线性Ⅱ.变量之间的异方差性Ⅲ.同模型变量选择的不当Ⅳ.模型变量选择没有经济意义
赵某在某区经营自制熟食已经有一段时间,因其所作熟食味道独特,食客颇众。但区卫生局接到举报称赵某在所制熟食中加入了“鸦片”,遂决定对赵某展开调查。赵某得知后,欲起诉卫生局。下列说法正确的是()。
2010年,PRS集团发布了年度风险评估指南(PRG),其中某国的得分为86分,则该国的国家风险()。
课程计划
《中华人民共和国国民经济和社会发展第十三个五年规划纲要》指出,到2020年国内生产总值和城乡居民人均收入比()年翻一番,主要经济指标平衡协调,发展质量和效益明显提高。
最新回复
(
0
)