Trust boundary

Trust boundary is a term used in computer science and security which describes a boundary where program data or execution changes its level of "trust", or where two principals with different capabilities exchange data or commands. The term refers to any distinct boundary where within a system all sub-systems (including data) have equal trust.[1] An example of an execution trust boundary would be where an application attains an increased privilege level (such as root).[2] A data trust boundary is a point where data comes from an untrusted source--for example, user input or a network socket.[3]

A "trust boundary violation" refers to a vulnerability where computer software trusts data that has not been validated before crossing a boundary.[4]

References

  1. ^ Peter Stavroulakis; Mark Stamp (2010). Handbook of Information and Communication Security. Springer. p. 13.
  2. ^ Ari Takanen; Jared DeMott; Charles Miller (2008). Fuzzing for software security testing and quality assurance. Artech House. p. 60. ISBN 978-1-59693-214-2.
  3. ^ John Neystadt (February 2008). "Automated Penetration Testing with White-Box Fuzzing". Microsoft. Retrieved 2009-05-14.
  4. ^ "Trust Boundary Violation". OWASP. Archived from the original on 2011-05-19.
Stub icon

This computer security article is a stub. You can help Wikipedia by adding missing information.

Content Disclaimer

Informasi ini disarikan dari Wikipedia dan disajikan kembali untuk tujuan edukasi. Konten tersedia di bawah lisensi CC BY-SA 3.0. Kami tidak bertanggung jawab atas ketidakakuratan data yang bersumber dari kontribusi publik tersebut.

  1. The information displayed on this website is sourced in part or in whole from Wikipedia and has been adapted for the purpose of restating it. We strive to provide accurate and relevant information, however:
  2. There is no guarantee of absolute accuracy. Wikipedia is an open, collaborative project that can be edited by anyone, so information is subject to change.
  3. It is not intended to constitute professional advice. The content displayed is for informational and educational purposes only. For important decisions (e.g., medical, legal, or financial), please consult a professional.
  4. Content copyright. Wikipedia is licensed under the Creative Commons Attribution-ShareAlike License (CC BY-SA). This means that content may be reused with appropriate attribution and shared under a similar license.
  5. Responsible use. Any risk arising from the use of information from this website is entirely the responsibility of the user.