Authentication and Authorization are two terms that are often used interchangeably in the tech world. However, both these terms are quite different with entirely different concepts and meanings.
Simple English Meaning: The process or action of verifying the identity of a user or process.
Authentication is the process of proving one’s identity before gaining access to a resource. We see Authentication everywhere in our day to day lives, such as:
In Tech World, we see Authentication in the following scenarios:
Generally, Authenticating yourself is just proving to the system that you are the one you are claiming to be. It normally takes place in the following way:
A user tries to Log In to the system and is asked to present his username and password. When both of these things are entered and are validated as true by the system, the user is authenticated and is allowed to Log In.
Simple English Meaning: Official permission for something to happen or the act of giving someone official permission.
Authorization is the process of providing or granting users permission to access a protected resource.
Some examples of
Authorisation are:
etc.
Let us take a real-world example where we see both Authentication and Authorization concepts working together.
In offices, when
a new employee joins, he is given two things-
The use of the ID
Card is to prove the employee’s identity. It contains the name, employee ID and
some other details of the employee.
The use of the Access Card is to grant special permissions to an employee to access specific parts of the office. For example, some employees might not have permission to access the server room and some employees might have. The Access Card helps in establishing the relationship between a user and the scope of access he has.
The post What is the Difference Between Authentication vs Authorization? appeared first on Cyber Security News.