3.1.4 Determining Whether a Caller Is the Same User Who Logged onto the Session
During processing of methods that implement access checks of whether the caller is the same user who logged onto the session, this protocol performs access security verification on the caller's identity by checking whether the SID of the user logged onto the session is the same as the SID that represents the user account in the caller's token.