Confused deputy problem

From Wiki @ Karl Jones dot com
Jump to: navigation, search

A confused deputy is a computer program that is innocently fooled by some other party into misusing its authority.

Description

It is a specific type of privilege escalation.

In information security, the confused deputy problem is often cited as an example of why capability-based security is important, as capability systems protect against this whereas access control list-based systems do not.

See also

External links

Retrieved from "http://wiki.karljones.com/index.php?title=Confused_deputy_problem&oldid=19608"