 | This article does not cite any sources. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Security domain" – news · newspapers · books · scholar · JSTOR (February 2022) (Learn how and when to remove this message) |
A security domain is an application or a set of applications that collectively rely on a shared security token for processes such as authentication, authorization, and session management. In essence, a security token is granted to a user following their active authentication using a user ID and password within the security domain. The token establishes a foundation of trust, enabling secure interactions across the applications within the defined security domain.
A security domain is the determining factor in the classification of an enclave of servers/computers. A network with a different security domain is kept separate from other networks. For example, NIPRNet, SIPRNet, JWICS, and NSANet are all kept separate.
Examples of a security domain include:
- All the web applications that trust a session cookie issued by a Web Access Management product
- All the Windows applications and services that trust a Kerberos ticket issued by Active Directory
In an identity federation that spans two different organizations that share a business partner, customer or business process outsourcing relation – a partner domain would be another security domain with which users and applications (from the local security domain) interact.
 | This computer networking article is a stub. You can help Misplaced Pages by expanding it. |