Translation and Dictionary |
Trust on first use : English Wikipedia | Trust on first use
TOFU or TUFU are information security slang acronyms which mean Trust On First Use or Trust Upon First Use. This model refers to the network software security model whereby client software, upon connecting to a new server, is prompted to accept and record some form of token to identify the remote server. For example, SSH protocol implementations are designed to issue a warning when the key of a server has changed: ''WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!''. Perhaps more commonly, the secure HTTPS protocol for web browsers is widely accepted, but has one fatal flaw: users ignore certificate error warnings.

==Model strengths and weaknesses==

The single largest strength of any TOFU-style model is that a human being must initially validate every interaction. A common application of this model is the use of ssh-rpc 'bot' users between computers, whereby public keys are distributed to a set of computers for automated access from centralized hosts. The TOFU aspect of this application forces a sysadmin (or other trusted user) to validate the remote server's identity upon first connection.

The largest weakness of any TOFU-style model is that a human being must initially validate every interaction, which does not scale infinitely, and can quickly scale beyond the capabilities of any group of people using and managing computers with a need for trusted and secure protocols. People tend to approve without verification, not to mention the increased surface area for human error.
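The record-then-compare behaviour described above, as an added example that is not part of the original article or of any SSH implementation. The `TofuStore` class, the JSON pin file, the host name `host.example` and the sample keys are assumptions constructed for illustration.

```python
import hashlib, hmac, json, tempfile
from pathlib import Path

class HostKeyChanged(Exception):
    """The presented key differs from the one pinned on first use."""

def fingerprint(public_key: bytes) -> str:
    return "SHA256:" + hashlib.sha256(public_key).hexdigest()

class TofuStore:
    """Hypothetical pin store: a JSON file mapping host -> key fingerprint."""
    def __init__(self, path, confirm_first_use):
        self.path = Path(path)
        self.confirm = confirm_first_use  # the human validation step
        self.pins = json.loads(self.path.read_text()) if self.path.exists() else {}

    def check(self, host: str, public_key: bytes) -> str:
        presented = fingerprint(public_key)
        pinned = self.pins.get(host)
        if pinned is None:
            # First use: nothing to compare against, so trust rests on confirm().
            if not self.confirm(host, presented):
                return "rejected"
            self.pins[host] = presented
            self.path.write_text(json.dumps(self.pins, indent=2))
            return "pinned"
        if hmac.compare_digest(pinned, presented):
            return "match"
        # Fail closed: the pin is never overwritten automatically.
        raise HostKeyChanged(f"{host}: pinned {pinned}, presented {presented}")

def demo():
    good, other = b"constructed-key-A", b"constructed-key-B"  # constructed sample keys
    out_of_band = {"host.example": fingerprint(good)}  # e.g. read at the server console
    verify = lambda host, fp: out_of_band.get(host) == fp
    blind = lambda host, fp: True  # operator who approves without checking
    with tempfile.TemporaryDirectory() as d:
        store = TofuStore(Path(d) / "pins.json", verify)
        results = [store.check("host.example", good), store.check("host.example", good)]
        try:
            store.check("host.example", other)
        except HostKeyChanged:
            results.append("changed")
        careful = TofuStore(Path(d) / "careful.json", verify)
        results.append(careful.check("host.example", other))   # first use, verified
        careless = TofuStore(Path(d) / "careless.json", blind)
        results.append(careless.check("host.example", other))  # first use, unverified
    return results
```

The last two results show the weakness the article names: with the same unexpected key on first contact, the verifying operator rejects it while the one who approves without checking pins it as trusted.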
Excerpt source: the free encyclopedia Wikipedia ■ Read the full text of "Trust on first use" on Wikipedia
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.