Resumen
Trust and trustworthiness are foundations of security: Home-owners trust lock manufacturers to create quality locks to protect their homes. Some locks are trustworthy, others are not. Businesses trust security guards to admit only authorized personnel into sensitive areas. Some security guards should be trusted, some should not. Computer Gateway Interface programmers trust users to provide valid inputs to the data fields on Web pages. Although most users can be trusted, some cannot. The basis for these trust relationships and how they are formed can dramatically affect the underlying security of any system-be it home protection or online privacy. Because these trust assumptions are often illusive, software development efforts seldom handle these assumptions correctly. Several common ways in which erroneous trust assumptions in software applications can wreak havoc on the security of those applications are explored here. One consider the common trust assumptions and why they are often wrong, how these trust assumptions can arise during an application's development process and how to minimize the number of problematic trust assumptions in an application. A trust relationship is a relationship involving multiple entities.