These two similar looking terms are slightly different. Lets look the difference between them :
Authentication :
An authentication system is how you identify yourself to the computer. The goal behind an authentication system is to verify that the user is actually who they say they are. It proves that an Individual is who says He or She or It in fact says, He or she or It is. There are many ways of authenticating a user. Any combination of the following are good examples.
- Password based authentication
- Device based authentication
- Biometric Authentication
- Retina Scanners:
- Hand Scanners:
Authorization:
Once the system knows who the user is through authentication, authorization is how the system decides what the user can do.It determines what an individual can do in the system after He or She or It is authenticated.
A good example of this is using group permissions or the difference between a normal user and the superuser on a unix system.
There are many types of authorizaion :
- ACL(Access Control Lists)
- Group or Role Membership
- Privilege Ownership
- Permissions
Summary :
Authentication :
An authentication system is how you identify yourself to the computer. The goal behind an authentication system is to verify that the user is actually who they say they are. It proves that an Individual is who says He or She or It in fact says, He or she or It is. There are many ways of authenticating a user. Any combination of the following are good examples.
- Password based authentication
- Device based authentication
- Biometric Authentication
- Retina Scanners:
- Hand Scanners:
Authorization:
Once the system knows who the user is through authentication, authorization is how the system decides what the user can do.It determines what an individual can do in the system after He or She or It is authenticated.
A good example of this is using group permissions or the difference between a normal user and the superuser on a unix system.
There are many types of authorizaion :
- ACL(Access Control Lists)
- Group or Role Membership
- Privilege Ownership
- Permissions
Summary :
| No | Authentication | Authorization |
| 1 |
Authentication verify who you are?
| Authorization verify what you are authorized to do ? |
| 2 | There are different way to authenticate the user like Password based Authenticate, Device based Authenticate, Biometric Authenticate | Giving the group permission like normal user to super user on Unix system |
| 3 | Authentication establish the identity | Authorization decide what privileges a given to person and program |
No comments:
Post a Comment