Authorization service on UNIX systems

On these platforms:

Principal
Is a UNIX(R) system user ID, or an ID associated with an application program running on behalf of a user.
Group
Is a UNIX system-defined collection of principals.

Authorizations can be granted or revoked at the group level only. A request to grant or revoke a user's authority updates the primary group for that user.