Which one of the following is not a correct statement?
2024
Which one of the following is not a correct statement?
- A.
The Distributed Audit Service offers accountability for users accessing a system.
- B.
The CardSpace and OpenID specifications support the authentication type of data object.
- C.
Distributed transaction systems such as Cloud Computing Systems, Internetworks and several others usually increase the obstacles faced by identity management systems.
- D.
All of the above
Show answer & explanation
Correct answer: B
In identity management (IdM) for distributed and cloud systems, federated-identity specifications such as OpenID and CardSpace exist specifically to authenticate end users -- they standardize how a user's digital identity is represented and verified across independent systems, using identity claims issued by a trusted identity provider. Separately, an audit mechanism such as a Distributed Audit Service exists to trace and attribute user actions to a specific identity across a distributed system, and as a system becomes more distributed -- spanning internetworks, cloud platforms, and multiple trust domains -- the burden on its identity management layer (reconciling credential formats, trust relationships, and policies) grows accordingly.
Checking each statement against this:
The Distributed Audit Service offering accountability for users accessing a system matches the audit/accountability role described above, so this statement is accurate.
Distributed transaction systems (internetworks, cloud computing, and similar environments) increasing the obstacles faced by identity management systems matches the "more distribution means more identity-management burden" principle above, so this statement is accurate too.
The claim that the CardSpace and OpenID specifications support "the authentication type of data object" mischaracterizes their purpose: both specifications exist to authenticate end users by standardizing their digital identity representation, not to define or support a generic, undefined "data object" authentication type. This substitutes vague terminology for a specific, well-defined purpose, which is exactly why this statement does not hold.
Since two of the three individual statements are accurate and only the claim about CardSpace and OpenID is not, an option requiring every statement above to be inaccurate cannot be correct either -- the statement that fails to hold is specifically the one describing CardSpace and OpenID as supporting an authentication type of data object.