Trust boundary
Encyclopedia
Trust boundary is a term in computer science
and security
used to describe a boundary where program data or execution changes its level of "trust". The term refers to any distinct boundary within which a system
trusts all sub-systems (including data). An example of an execution trust boundary would be where an application attains an increased privilege level
(such as root
). A data trust boundary is a point where data comes from an untrusted source. For example, user input or a network socket
A "trust boundary violation" refers to a vulnerability
where computer software trusts data that has not been validated before crossing a boundary.
Computer science
Computer science or computing science is the study of the theoretical foundations of information and computation and of practical techniques for their implementation and application in computer systems...
and security
Computer security
Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
used to describe a boundary where program data or execution changes its level of "trust". The term refers to any distinct boundary within which a system
System
System is a set of interacting or interdependent components forming an integrated whole....
trusts all sub-systems (including data). An example of an execution trust boundary would be where an application attains an increased privilege level
Privilege (Computing)
In computing, privilege is defined as the delegation of authority over a computer system. A privilege is a permission to perform an action. Examples of various privileges include the ability to create a file in a directory, or to read or delete a file, access a device, or have read or write...
(such as root
Superuser
On many computer operating systems, the superuser is a special user account used for system administration. Depending on the operating system, the actual name of this account might be: root, administrator or supervisor....
). A data trust boundary is a point where data comes from an untrusted source. For example, user input or a network socket
Internet socket
In computer networking, an Internet socket or network socket is an endpoint of a bidirectional inter-process communication flow across an Internet Protocol-based computer network, such as the Internet....
A "trust boundary violation" refers to a vulnerability
Vulnerability (computing)
In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw...
where computer software trusts data that has not been validated before crossing a boundary.