Authentication & Authorization
Authorization:
It is the process of allowing somebody to access a specific object
Restriction Criteria for Authorization:
There are various types of criteria through which you can restrict unknown authorization like
Restrict Access through group
For Example:
Administrators have more access than a normal user
Time Frame and Dates:
You can restrict access of a subject to an object by restricting it through a time frame like someone can access a particular data from 5-8 PM and after that specific time, that particular subject cannot access that data.
OR on specific dates like from Monday to Thursday.
Restrict Access By Physical Location:
You can restrict people's authorization to specific files based on location for example you want only USA people can access these files.
Restrict Access by Transaction Type:
You may want some people to only read some files or may want to read and write as well.
领英推荐
Need to Know:
It means that just access the information that is needed for a particular role of an individual.
If a person's job duty requires access to those files then that person can access those files or resources.
Single Sign-on (SSO):
It is mostly used in enterprises. You log in once and this will allow you to access websites or other resources. It is a single one-time login process.
Authentication:
Authentication is identity proof. Most of the systems will ask you for your identity and authentication.?
For Example:
Your username and password will be your identity proof.
The password will give you authentication and your username will give you identification.
Kerberos is a protocol that is used for implementing sign-on.
Mutual Authentication:
Mutual Authentication such as CHAP. These are the authentication processes that are used to communicate between two systems. They rely on a secret key or a pre-shared key.
Security ID:
In the Active Directory, we have a security ID which basically a unique ID that is given to subjects and Objects. It is an ID that identifies a person and also helps in identifying objects like a specific group or a specific file.
Discretionary Access Control:
Most operating systems use discretionary access controls. It is a type of access control that allows users to give access to their own data to whomever they want.
Realtor Associate @ Next Trend Realty LLC | HAR REALTOR, IRS Tax Preparer
1 年Thanks for Posting.