We are highly thankful to AM green HRD given wonderful training to boost integrated management system.- Information security management system .
Security Authentication vs. Authorization
| A Quick GuideIn information security, authorization is the process of granting a user permission to access a specific resource or function. It's often used interchangeably with access control or client privilege.
Here are some examples of authorization:
Allowing a user to download a file from a server
Giving a user administrative access to an application
Assigning a user to a role with specific permissions
Authorization is often used in conjunction with authentication, which is the process of verifying that a user's identity is genuine. In secure environments, authorization must always follow authentication.
Some methods of authorization include:
Role-based access control (RBAC)
Assigns users to roles based on their job responsibilities. Each role has a set of permissions that determine what actions the user can perform.
Discretionary access control (DAC)
Allows the resource owner to manage access control by assigning permissions to specific users or groups.
OAuth
An authorization framework that allows a user to consent to an application interacting with another on their behalf.
No comments:
Post a Comment