Principal (computer security)

A principal in computer security is an entity that can be authenticated by a computer system or network. It is referred to as a security principal in Java and Microsoft literature.^[1]

Principals can be individual people, computers, services, computational entities such as processes and threads, or any group of such things.^[1] They need to be identified and authenticated before they can be assigned rights and privileges over resources in the network. A principal typically has an associated identifier (such as a security identifier) that allows it to be referenced for identification or assignment of properties and permissions.

A principal often becomes synonymous with the credentials used to act as that principal, such as a password or (for service principals) an access token or other secrets.^[2]

^ ^a ^b "What Are Security Principals?", docs.microsoft.com, 19 April 2017.
^ Ami Hollander (2024-01-20). "Workshop: Security Principals".

[docsmsft-1] "What Are Security Principals?", docs.microsoft.com, 19 April 2017.

[2] Ami Hollander (2024-01-20). "Workshop: Security Principals".

[1]

[2]

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

Principal (computer security)

Our website is made possible by displaying online advertisements to our visitors.
Please consider supporting us by disabling your ad blocker.