omnisecu.com free mcse ccna rhce linux java learning  
Home Knowldege Base FAQ Contact Us Sitemap
omnisecu.com free mcse ccna rhce linux java learning  
omnisecu.com free mcse ccna rhce linux java learning
Home » Knowledge Base » Security » Internet Information Services (IIS) 7 Security » Introduction to Authentication and Authorization
 

Introduction to Authentication and Authorization

 

Authentication is the process of determining whether an entity (normally a remote user or computer) is in fact what it claims to be.

Normally authentication require an entity (user in this case) to provide an identifier (username) and then prove the identity by providing something you know (a password), something you have (security token), or something you are (biometric identification).

Multifactor authentication combines multiple factors of authentication information to improve security. Multifactor authentication normally combines something you know (a password) with something you are (biometric identification).

The process of Authorization occurs once the user is authenticated. Authorization is the process which system uses to determine what a user is allowed to do once he/she is authenticated.  Whenever the authenticated user need to access some file or resource, the system verifies that operation against an Access Control List (ACL) maintained for the file or resource. The ACL consists of a set of Access Control Entries (ACEs) that define which users can or cannot perform certain operations. These operations include read a file, modify a file’s contents, update a file’s properties, perform a backup, shut down a system etc.

 

 

 
 
eXTReMe Tracker
back
next
 
Disclaimer | Feed Back | Trademarks | Knowledge Base | FAQ | Sitemap | Downloads
Copyright 2010 ©OmniSecu.com... Free Networking Tutorials, Free System Administration Tutorials and Free Security Tutorials