Trust boundary

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Trust boundary is a term used in computer science and security which describes a boundary where program data or execution changes its level of "trust," or where two principals with different capabilities exchange data or commands. The term refers to any distinct boundary where within a system all sub-systems (including data) have equal trust.[1] An example of an execution trust boundary would be where an application attains an increased privilege level (such as root).[2] A data trust boundary is a point where data comes from an untrusted source--for example, user input or a network socket.[3]

A "trust boundary violation" refers to a vulnerability where computer software trusts data that has not been validated before crossing a boundary.[4]

References[edit]

  1. ^ Peter Stavroulakis; Mark Stamp (2010). Handbook of Information and Communication Security. Springer. p. 13.
  2. ^ Ari Takanen; Jared DeMott; Charles Miller (2008). Fuzzing for software security testing and quality assurance. Artech House. p. 60. ISBN 978-1-59693-214-2.
  3. ^ John Neystadt (February 2008). "Automated Penetration Testing with White-Box Fuzzing". Microsoft. Retrieved 2009-05-14.
  4. ^ "Trust Boundary Violation". OWASP. Archived from the original on 2011-05-19.