Traditionally operating systems, such as a UNIX operating system (OS), have a clear distinction between ordinary unprivileged users and the powerful super user with a “root” privilege. However, in order for a user to access and configure hardware additional privileges and rights are needed. This has been done in a number of often OS-specific ways. For example, some systems usually grant access to devices to a user if, and only if, the user is logged in at a local console. In contrast, other systems often rely on group membership, e.g. users in the “cdrom” group can access optical drives; users in the “plugdev” group can mount removable media; and so on.
Traditionally, authentication and authorization are two distinctive processes that require separate processing entities. There has been a lack of an efficient way for authenticating and authorizing a user session for accessing a privileged application.