Security principal
Encyclopedia
A principal in Computer Science is an entity that can be authenticated
by a computer system or network. Authentication is the process of validating and confirming the identity of such an entity.
Principals, in addition to being able to be authenticated, are typically capable of being assigned rights and privileges over resources in the network. Together, the ability to authenticate a principal and to grant rights and privileges to it allow the entity represented by the principal to access resources on the network.
The two most common types of principals are users (representing physical persons or functional accounts used for representing a computational entity) and computers, which correspond to physical or virtual systems connected to the network. Some systems allow for other types of principals such as those representing services (without an associated user account).
Typically a principal has an associated identifier (such as a security identifier
) that allows for the principal to be referenced for purposes of identification or assignment of properties and permissions.
This concept is also referred as security principal in the Java
or Microsoft
literature.
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...
by a computer system or network. Authentication is the process of validating and confirming the identity of such an entity.
Principals, in addition to being able to be authenticated, are typically capable of being assigned rights and privileges over resources in the network. Together, the ability to authenticate a principal and to grant rights and privileges to it allow the entity represented by the principal to access resources on the network.
The two most common types of principals are users (representing physical persons or functional accounts used for representing a computational entity) and computers, which correspond to physical or virtual systems connected to the network. Some systems allow for other types of principals such as those representing services (without an associated user account).
Typically a principal has an associated identifier (such as a security identifier
Security Identifier
In the context of the Microsoft Windows NT line of operating systems, a Security Identifier is a unique name which is assigned by a Windows Domain controller during the log on process that is used to identify a subject, such as a user or a group of users in a network of NT/2000...
) that allows for the principal to be referenced for purposes of identification or assignment of properties and permissions.
This concept is also referred as security principal in the Java
Java (programming language)
Java is a programming language originally developed by James Gosling at Sun Microsystems and released in 1995 as a core component of Sun Microsystems' Java platform. The language derives much of its syntax from C and C++ but has a simpler object model and fewer low-level facilities...
or Microsoft
Microsoft
Microsoft Corporation is an American public multinational corporation headquartered in Redmond, Washington, USA that develops, manufactures, licenses, and supports a wide range of products and services predominantly related to computing through its various product divisions...
literature.
External links
- RFC 2744 - Generic Security Service API Version 2.
- RFC 5397 - WebDAV Current Principal Extension.
- RFC 4121 - The Kerberos Version 5 Generic Security Service Application Program Interface (GSS-API) Mechanism: Version 2.