本文讨论了计算机安全中的一些关键术语,如主体(principal),它指可以执行操作的用户、服务或代理;凭证(credentials),用于身份验证的过程;以及授权(authorization),确定主体是否被允许执行特定操作的过程。
Enterprise Application Security Choices
Typical Requirements
Let’s briefly recap some of the key iterms used when discussed computer security. The term principal refers to a user, service, or agent who can can perform an operation. A principal presents credentials such as a password in order to allow authentication, which is the process of establishing the identity of a caller. Authorization refers to the process of determining whether a principal (authenticated or non-authenticated) is permitted to perform a given operation.
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
