The security context is a GAA API data structure. It stores information relevant to access control. Some of its constituents follow:
Identity represents verified authentication information, such as access identity for a particular security mechanism.
This type of attributes represents verified authorization credentials, such as capabilities, group membership, group non-membership, delegated credentials. Delegation may be implemented using restricted proxies [2].
These functions are called to evaluate application-specific restrictions, to request additional credentials and verify them.