A computer system as recited in claim 21, wherein the local security authority is configured to authenticate the identity of a user, to determine a credential corresponding to the user, and to determine authorization information associated with both the user and an application by receiving user information and exchanging information, including information representing at least a part of the user i