Posted in Information Technology & Systems, Total Reads: 385
The term authorization is commonly used in network security and it refers to the process of giving someone rights or permission to do something. In distributed systems or in multiuser systems, administrator defines which user has got access to the system and also what all privileges the user has got (for example reading access or writing access or executing access or a combination of these). It also determines the resources given to the user by system administrator (like directory list, computer program, access time, space limitation etc.).
Authorization is generally preceded by authentication. Authentication is the process to ensure that the user/entity requesting access is the one what it claims to be. For example in a database system a user is authenticated when he/she enters the correct username and password provided by database administrator but the user is not allowed to view/modify other users’ files because he is not authorized to do so.
In daily life also several examples of authentication and authorization takes place. Consider a person who is going to watch a movie in a multiplex. When the user shows the ticket to the guard he is authenticated as the user who can go inside the theatre and enjoy the show. However it’s the screen number and seat number that authorize him/her to sit at a particular place in the theatre.