This document outlines some key security concepts that are important for architects to understand, including the differences between identity, authentication, and authorization. It explains that identity is verified through authentication, such as with a username and password, but identity information is stored in LDAP directories rather than databases. It also describes how authorization tokens obtained through single sign-on allow users to access resources based on their permissions and group memberships, as defined in LDAP or through standards like SAML, OAuth, and OpenID.