Given a principal's name and password, the NOS security service authenticates this principal using either public key or private key algorithms. Authentication is valid for a finite period of time. Proxy and delegation are supported.
A proxy is a principal that acts on another principal's behalf. For all practical purposes, the proxy becomes the principal. The security system allows the proxy to continue, but logs the fact that it was the proxy and not the principal that accomplished the task.
Delegation temporarily grants one principal's capability to another principal.
Actions include login and logout, delegate, and proxy.