Database Reference
In-Depth Information
Understanding authentication and
authorization
In simple terms, authentication is the process of establishing the truth of an entity. Here, the
entity could be a user or service on the network. For example, when you log in to your e-
mail account, the e-mail server authenticates you based on your username and password. In
almost every organization, the users who are part of the organization's network need to be
authenticated before they are able to successfully log on to the network. Once the user is
authenticated, the user should be restricted to use only the services to which the user is au-
thorized.
Authorization
defines all the resources that a user can access or use. An example
of the authorization is clearly visible on a Linux system. Every file and directory has per-
missions associated with them. These permissions decide which user can read, write, or ac-
cess the file or directory.
