Chapter 12. What Is a Security Principal?

A security principal is an entity that can be positively identified and verified via a technique known as authentication (Item 6). Usually when people think of security principals, they think of users, but there's a bit more to it than that. I like to think of three different types of principals:

User principals
Machine principals
Service principals

Here's an example. Imagine that we have two machines in a domain called DOM, named MAC1 and MAC2. DOM\Alice is logged into MAC1 interactively. Now a bunch of network requests that originate from MAC1 are serviced by MAC2. If those requests are authenticated, which security principal will MAC2 see for any given request?

The answer is that I've not given you enough ...

Get The .NET Developer's Guide to Windows Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The .NET Developer's Guide to Windows Security by Keith Brown

Chapter 12. What Is a Security Principal?

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly