What is Trust Boundary?

A trust boundary is any point in a system where the level of trust changes — for example, where user input enters an application, where a service calls an external API, or where data crosses from a public network into an internal one.

Trust boundaries matter in threat modeling because they are exactly where threats tend to concentrate. Data crossing a trust boundary should be authenticated, authorized, and validated; failing to do so is the root cause of many vulnerabilities, from injection to privilege escalation.

On a data flow diagram, trust boundaries are often drawn as dotted lines. Identifying them correctly is essential to producing an accurate threat model.