Professional Documents
Culture Documents
Os
Os
Authentication:
Identity Verification: Authentication is the process of verifying the identity of a user, device, or
system component.
Credentials: It involves the use of credentials such as usernames and passwords, biometrics, or
security tokens to confirm the user's identity.
Access Grant: Once authenticated, the system grants the user access based on the verified
identity.
Authorization:
Permission Levels: Authorization, on the other hand, is the process of determining what actions
or resources a user is allowed to access after being authenticated.
Access Control: It involves defining and enforcing access control policies, specifying what
specific operations or data the authenticated user can or cannot access.
Granularity: Authorization can be more granular, allowing administrators to set specific
permissions for different users or groups based on their roles or responsibilities.
Post-Authentication: Authorization occurs after authentication, ensuring that even authenticated
users only have access to the resources or actions they are explicitly permitted to use.