LOGBOOK

HELP

Quiz Entry - updated: 2026.06.20

What are Trust Boundaries in threat modeling and why are they important?

Lines in the diagram where data crosses between different trust levels — exactly the points where an attacker can interject, so they're where you focus threat analysis.

Trust Boundaries mark where data flows cross between different trust levels.

Key concepts:

  • Point/surface where an attacker can interject
  • Add trust boundaries that intersect data flows in diagrams

Examples of trust boundaries:

  • Machine boundaries - between different computers
  • Privilege boundaries - between user and admin processes
  • Integrity boundaries - between trusted and untrusted data

Important notes:

  • Threads in a native process often share the same trust level (same privileges, rights, identifiers)
  • Processes talking across a network always have a trust boundary (even with secure channels)
  • Encrypting network traffic is an "instinctive" mitigation but doesn't address tampering or spoofing

From Quiz: SPRG / SDL and Threat Modeling | Updated: Jun 20, 2026