Sunday, August 25, 2013

Three Steps to Access Control

There are three important components of access control: identification, authentication, and authorization. Identification is the activity of the subject supplying information to identify itself to an authentication service. Some examples of identification mechanisms are username, account number, and memory card. Authentication is the second part of a credential set to verify the identity of the subject. These mechanisms could be passphrases, passwords, cryptographic keys, PINs, or tokens. You may tell me your name, but I have no proof that you are who you say you are until you demonstrate the secret handshake. Only then will I be convinced of your identity. Authorization is the process of determining what this identified subject can actually access and what operations it can carry out. Authorization is based on some type of predefined criteria, which are enforced through access control lists, security labels, capabilities tables, or user profiles.

These three components of access control usually work together in a synergetic relationship and can be found in applications, operating systems, firewalls, routers, databases, domain controllers, and more.
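
The three steps chained into one access decision, as an added example that is not part of the original post. The user store, ACL contents and function names are constructed for illustration; it assumes a username as the identifier, a password as the authenticator and an access control list for authorization.

```python
import hashlib
import hmac
import os

def _kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _enroll(password: str) -> dict:
    salt = os.urandom(16)
    return {"salt": salt, "hash": _kdf(password, salt)}

# Constructed sample data: only salted hashes are stored, never the password.
USERS = {"alice": _enroll("correct horse"), "bob": _enroll("hunter2!")}
# Access control list: resource -> subject -> permitted operations.
ACL = {"payroll.db": {"alice": {"read", "write"}, "bob": {"read"}}}

def identify(username: str):
    # Step 1: the subject claims an identity; nothing is proven yet.
    return USERS.get(username)

def authenticate(record, password: str) -> bool:
    # Step 2: the claim is verified with the second half of the credential set.
    if record is None:
        # Unknown subject: still do the hash work so timing does not reveal it.
        _kdf(password, b"\x00" * 16)
        return False
    return hmac.compare_digest(_kdf(password, record["salt"]), record["hash"])

def authorize(username: str, resource: str, operation: str) -> bool:
    # Step 3: default deny; only operations listed in the ACL are allowed.
    return operation in ACL.get(resource, {}).get(username, set())

def access(username: str, password: str, resource: str, operation: str) -> str:
    record = identify(username)
    if not authenticate(record, password):
        return "denied: authentication failed"
    if not authorize(username, resource, operation):
        return "denied: not authorized"
    return "granted"
```

Authorization is evaluated only after authentication succeeds, and an unknown username and a wrong password produce the same response.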
