问题是你如何产生它的方式,服务信任。
The questions is how do you generate it in a way that the service trusts.
该模型将信任分为服务信任和反馈信任,提出了双信任的存储、计算和更新算法,以及信任传播机制。
Trust consists of service trust and feedback trust in our model, it collects trust information by topology adaptive algorithm and propagates the information in a certain range.
“我向你们保证,我们必然会经历[失误],”他说。这段谈话会强迫人们重新考虑对于云服务的信任,重要的数据保存在上面是否安全。
"I guarantee you, there will be [a failure] in due course," he said, one that will force a recalibration of the faith people put cloud services for critical data preservation.
一旦身份验证完成,接受服务器将验证上游服务器是否受信任,可以执行标识断言。
Once the authentication is complete, the receiving server will verify that the upstream server is trusted to perform identity assertion.
在此模型中,ESB和提供者服务之间的信任与前面esb执行身份验证时的情况一样。
In this model the trust between the ESB and a provider service is the same as the previous case where the ESB executes the authentication.
目标服务器必须将发送服务器列入到受信任的服务器列表中。
The target server has to list the sending server on the trusted servers list.
对于这种信任,客户机必须信任签署服务器证书的CA。
For this trust, a client must trust the ca which signed the server certificates.
目标服务器接收请求,检索gss令牌,提取服务器标识,对其进行身份验证,并与受信任的服务器标识列表进行比较。
The target server receives the request, retrieves the GSS token, extracts the server identity, authenticates it, and compares it to the list of trusted servers' identities.
客户端配置为信任服务密钥或令牌,而服务配置为信任客户端密钥或令牌。
The client is configured to trust the service keys or tokens and the service is configured to trust the client keys or tokens.
目标服务器必须将发送服务器列入到受信任的服务器列表中。
The target server must list the sending server on the trusted servers list.
提供者服务会将ES b视为受信任用户,所有请求都使用ESB的标识或esb上已知的受信任服务的标识发出。
Provider services still regard the ESB as a trusted user and all requests are made under the identity of the ESB or of a known trusted service on the ESB.
通过这一举措,顾客得到保证,他们的包裹已经被妥善地处理,从而进一步提升了顾客对联合包裹服务的信任度。
Through this, the customers could be ensured that their baggage was handled carefully, thus further enhancing the reliability of UPS services.
将信任文件名设置为服务器SSL 信任文件的文件系统中的完整路径;
Set the trust file name to the full path in the file system of your server SSL trust file; for example /serverssltrusts.
要用安全信任服务在客户端上配置SSL通信,请完成以下步骤。
To configure SSL communication on the client with the security trust service, complete the following steps.
请使用tcpmon工具来捕获并验证客户端、提供者和信任服务之间的通信。
Use the tcpmon tool to capture and verify communications between the client, provider and trust service.
为了确认,您的应用服务器密钥文件中应包含jmsclient证书,同时应用服务器信任文件中应包含两个签名者证书,如图13所示。
To verify, your application server key file should contain the jmsclient certificate, and the application server trust file should contain two signer certificates, as shown in Figure 13.
应用服务器必须信任Web服务器已经正确地完成证书身份验证。
The application server must trust that the Web server has done proper certificate authentication.
将信任文件名设置为服务器SSL 信任文件的文件系统中的完整路径;例如,/clientssltrusts.jceks,其中 为密钥文件的位置。
Set the trust file name to the full path in the file system of your server SSL trust file; for example, /clientssltrusts.jceks, where is the location of your key file.
现在,您的应用服务器密钥和信任文件的所有证书都已处于正确的位置。
All the certificates are now in the right places for your application server key and trust files.
如果我们限制服务器上受信任的签署者,我们就连谁能完成SSL握手都可以限制。
If we limit the signers we trust on the server, we can limit who can even complete that SSL handshake.
发送和目标服务器必须相互信任。
入站映射主要依赖于发送和目标服务器之间的信任关系。
Inbound mapping heavily relies on the trust between the sending and the target servers.
应该检查客户机和服务器上的信任存储库,删除任何不需要的签署者。
You should review the trust stores on the clients and servers and remove any signers which are not needed.
验证信任服务链模块中的实例的顺序是否正确。
Verify the order of the instances in the trust service chain modules is correct.
因为我们的客户机证书将是自签署的,所以我们需要将客户机的公钥证书配置为服务器受信任的签署者。
Because our client certificate will be self-signed, we'll need to configure the client's public key certificate as a trusted signer for the server.
目标服务器接收请求,检索gss令牌,提取服务器标识,并与受信任的服务器标识列表进行比较。
The target server receives the request, retrieves the GSS token, extracts the server identity and compares it to the list of trusted server identities.
您可以从应用服务器信任存储文件中删除任何不需要的签名密钥,以防止出现这种情况。
You can remove any unneeded signing keys from the application server trust store files to prevent this.
每种类型的安全服务器都需要实现信任关联拦截器(TAI)。
An implementation of the Trust Association Interceptor (TAI) is required for every type of security server.
从DMZ服务器到受信任区域的服务器之间没有使用SSL。
从DMZ服务器到受信任区域的服务器之间没有使用SSL。
应用推荐