In
computer security, the
principle that access to one
system grants
access to another, without need to
authenticate to the second system. Transitive trust is usually the
bane of security in any design.
Most client-server models that use client authentication fall prey to transitive trust. The user authenticates themself to the application on their desktop, which requests data from the server. The server trusts the client-side application; gaining control of the client application also gives one control of the server.
The key feature of transitive trust is that it is blind to an endpoint - it trusts a middlepoint, which is trusting something further down the line.