Authorization

Authorization is the process of deciding if a user is allowed to access the service he or she has requested.

Authorization is checked after a user authenticates i.e., confirms his or her identity.

Authorization to access a given resource (computer, file, database record, etc.) is usually governed by a set of "permissions" or "access control list". These may in turn describe the user granted access directly by name, or indirectly by some property, such as connecting IP address, membership in a group or attribute such as primary affiliation with the University.

Authorization decisions may grant access to individual users, groups, roles or users bearing other attributes. Technologies like Internet2 applications (Grouper, Shibboleth) and LDAP-based directory servers (groups and roles) make it possible for departments and organizations to leverage shared information to control access more efficiently.

Digital Identity Management

Authentication
AuthN & AuthZ Recommendations
Authorization
WebRAT

AIT RSS feed

Search

Authorization

Links