Trust Boundary and Entry Point

Trust Boundary: a place where two entities with different permissions interact with one another. Threats often come from trust boundaries.

Example: a user from the internet interacts with a web server on corporate network –> trust boundary between user (not trusted) and web server (trusted).

Entry Point: a “door” into your system; user began the interaction and data is entered. Entry points are always trust boundaries but reverse is not true.

Links to this page