Verify security context propagates correctly from TOR to AOR - Verify that directly connecting to an AOR (bypassing the TOR) still enforces security - Verify surrogate user processing across MRO boundaries