•Authentication information:
–Request: "please provide authentication info about
John Doe (the user)"
–Response: "John Doe was authenticated on ____
(datetime) by the user presenting
a password over a protected session.
This authentication info is valid
during this ____ datetime."
•Attribute information:
–Request: "please tell me John Doe's credit
line"
–Response: "John Doe has a credit line of
$5,000"
•Entitlement (authorization) information:
–Request: "Is John Doe entitled to read the employee
salaries?"
–Response: "John Doe should be denied read access to
the employee salaries"