From ac63d68b770cc7eb7720c045f424427dd10c8dd0 Mon Sep 17 00:00:00 2001
From: Hrushikesh Vaidya <hrushikeshrv@gmail.com>
Date: Sat, 29 Jun 2024 14:20:47 +0530
Subject: [PATCH] Added MIT 6.857 lec 2

---
 6.858/lec2.md | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/6.858/lec2.md b/6.858/lec2.md
index 3618d4c..30fa6b9 100644
--- a/6.858/lec2.md
+++ b/6.858/lec2.md
@@ -45,4 +45,10 @@ Now, we don't want every service to be 100% isolated all the time. We want servi
                       +-----------------------+
                       HOST enforcing isolation
 ```
-In the diagram above, a principal can be a user, a device, a service, etc.
\ No newline at end of file
+In the diagram above, a principal can be a user, a device, a service, etc. Resources can be services, like Gmail or Drive, or files and user data.
+
+The guard performs three functions -
+
+1. Authenticate - Identifies who is issuing the request.
+2. Authorize - Determines whether that request should be allowed.
+3. Audit - Records each request along with its authentication and authorization information, and other useful metadata.