Access Control Fundamentals

7. Identification, Authentication, and Authorization

Identification describes a method of ensuring that a subject is the entity it claims to be, e.g. a user name or an account number.

Authentication is the method of proving the subject's identity, e.g. a password, passphrase, or PIN.

Authorization is the method of controlling the subject's access to objects, e.g. a user cannot delete a particular file after logging into the system.

Note: There must be a three-step process of Identification, Authentication, and Authorization in order for a subject to access an object.
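The three steps as a single access check, as an added example that is not part of the original notes: the user can read a file but not delete it, matching the authorization example above. The account `alice`, the object `report.txt`, and the names `ACCOUNTS`, `ACL` and `access` are constructed for illustration.

```python
import hashlib
import hmac
import os


def _hash(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so stored credentials are not the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed sample data: one account and one object's access control list.
_SALT = os.urandom(16)
ACCOUNTS = {"alice": {"salt": _SALT, "hash": _hash("correct horse", _SALT)}}
ACL = {"report.txt": {"alice": {"read", "write"}}}  # no "delete" right granted


def access(username: str, password: str, obj: str, action: str):
    """Return (allowed, stage); stage names the step that made the decision.

    The stage is meant for the audit log. A login prompt should show the
    same generic failure for both of the first two stages.
    """
    # 1. Identification: the subject claims an identity (a user name).
    account = ACCOUNTS.get(username)

    # 2. Authentication: the claim is proven with a secret.
    # The hash is computed even for unknown users so that response time
    # does not reveal which user names exist.
    salt = account["salt"] if account else b"\x00" * 16
    candidate = _hash(password, salt)
    if account is None:
        return (False, "identification")
    if not hmac.compare_digest(candidate, account["hash"]):
        return (False, "authentication")

    # 3. Authorization: default deny; only rights listed in the ACL pass.
    if action not in ACL.get(obj, {}).get(username, set()):
        return (False, "authorization")
    return (True, "granted")


if __name__ == "__main__":
    print(access("alice", "correct horse", "report.txt", "read"))
    print(access("alice", "correct horse", "report.txt", "delete"))
    print(access("alice", "wrong password", "report.txt", "read"))
    print(access("mallory", "anything", "report.txt", "read"))
```

A request is granted only when all three steps succeed in order, and an object with no ACL entry is denied by default.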