What are the two access methods that can be utilized by Force.com canvas?

The two access methods utilized by Force.com canvas are OAuth and Signed Request.

OAuth is a robust authentication framework that allows applications to securely connect to Salesforce on behalf of users without sharing their passwords. It provides a way to authorize third-party applications to perform actions or access data on behalf of the user, enhancing security and user experience.

Signed Request is a method used in the context of Canvas applications that allows the application to verify the identity of the requestor. When a Canvas application is invoked, Salesforce generates a signed request containing information about the user and the context in which the application was launched. This helps the application ascertain the legitimacy of the request, as it can validate the signature included in the request to ensure it's coming from a trusted Salesforce environment.

Both OAuth and Signed Request play crucial roles in ensuring secure data exchange and authentication between the Force.com platform and external applications, thus supporting the core purpose of the Canvas framework.