| 1 |
Credential. A credential is a piece of information that is used to prove the identity of a subject. Examples of a credential include passwords and private keys. We distinguish between credentials that are introduced by Globus, Globus credential, and credentials that are used only on a specific resource, resource credential,
|
| 2 |
Subject. Authorization is the process by which we determine if a subject is allowed to access or use and object. In Globus, a subject is generally a user, or a process operating on behalf of a user.
-
A Globus subject is a subject that is recognized by components in the Globus system.
-
A resource subject is a subject that is only recognized by a specific resource.
|
| 3 |
Trust. We say that A trusts B if A assumes that any information sighed by B is believed by B to be "correct".
|
| 4 |
Trust Domain. A trust domain is an administrative structure within which local security policy holds. For example, authentication may not be required between subjects within a trust domain.
|
