Chapter 12. What Is a Security Principal?
A security principal is an entity that can be positively identified and verified via a technique known as authentication (Item 6). Usually when people think of security principals, they think of users, but there's a bit more to it than that. I like to think of three different types of principals:
Here's an example. Imagine that we have two machines in a domain called
DOM\Alice is logged into
MAC1 interactively. Now a bunch of network requests that originate from
MAC1 are serviced by
MAC2. If those requests are authenticated, which security principal will
MAC2 see for any given request?
The answer is that I've not given you enough ...