Transitive Trust
In Chapter 8 of the CISSP book 7th Edition it states the following:
Transitive trust is the concept that if A trusts B and B trusts C, then A inherits trust of C through the transitive property... In the previous example, when A requests data from B and then B requests data from C, the data that A receives is essentially from C.
In my opinion this is NOT correct.
A trusting B grants A no RIGHTS. It grants B rights to A.
A trusting B and B trusting C grants A no RIGHTS. Through the transitive property C inherits rights to A through B.
The correct statement would be the following:
If B trusts A and C trusts B, then C trusts A.
Please correct me, if I am mistaken. Thank you.
Jim
Comments
chagla Member Posts: 6
Hi,
It gets a little trickier because trust direction can be "one way" OR "two way". Assuming the trust is a "two way" relationship the book is right. If it's one way, then your explanation is right. So you have to know the direction. Simply saying "transitive" doesn't provide enough information about the direction...
thorough details from Microsoft - https://technet.microsoft.com/en-us/library/cc773178(v=ws.10).aspx
GSXR750K2 Member Posts: 323
Like Forrest Gump, I may not be a smart man, but I would surmise that the "trust" between any two of the objects is two-way, otherwise data could only flow in one direction, and without being able to receive requests/acks on the non-trusted end, the whole thing could be kind of moot.
I don't CISSP, but I do like thought exercises. That being said, your argument does sound technically correct.
-EDIT-
chagla enlightened us both.
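
The direction question discussed in this thread, worked through as an added example that is not part of any poster's message: a small Python model that computes who can reach whose resources under one-way and two-way transitive trust. It assumes the convention used in the linked Microsoft documentation, where "X trusts Y" lets Y's principals access X's resources; the function and variable names are hypothetical.

```python
from itertools import product


def access_closure(trusts, two_way=False):
    """Return the set of (subject, resource_owner) pairs reachable transitively.

    trusts: set of (truster, trusted) pairs, read as "truster trusts trusted".
    Assumption: a trust edge grants access in the opposite direction, so
    "X trusts Y" means principals of Y may be authorized on resources of X.
    """
    # Flip each trust edge into an access edge: trusted -> truster.
    access = {(trusted, truster) for truster, trusted in trusts}
    if two_way:
        # A two-way trust is two one-way trusts, one in each direction.
        access |= {(owner, subject) for subject, owner in access}
    nodes = {name for pair in access for name in pair}
    # Warshall's transitive closure; the intermediate node k is the outer loop.
    for k, i, j in product(sorted(nodes), repeat=3):
        if (i, k) in access and (k, j) in access:
            access.add((i, j))
    # Drop trivial self-access pairs introduced by two-way cycles.
    return {(s, r) for s, r in access if s != r}


# Constructed sample: the book's wording, "A trusts B and B trusts C".
BOOK_TRUSTS = {("A", "B"), ("B", "C")}

if __name__ == "__main__":
    one_way = access_closure(BOOK_TRUSTS)
    both = access_closure(BOOK_TRUSTS, two_way=True)
    print("one-way: C reaches A?", ("C", "A") in one_way)   # access flows toward A
    print("one-way: A reaches C?", ("A", "C") in one_way)   # A gains nothing
    print("two-way: A reaches C?", ("A", "C") in both)      # both directions hold
```

Running the one-way case on a real trust inventory shows which domains gain access that no one configured directly, which is the set worth reviewing before a transitive trust is created.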