Authorization

In the context of IT security systems, authorization refers to granting or denying a user or system permission to access specific resources or data within a system, and this happens after the user or system is authenticated, which means that their identity is successfully confirmed.

The authorization secruity step decides the extent of privileges or permissions they have to access specific computer resources.

Authorization is a component of IT security’s AAA framework for Authentication, Authorization, and Accounting:

• Authentication verifies the identity of a user, device, or system.
• Authorization determines what resources the authenticated entity is permitted to access.
• Accounting tracks what resources the authenticated entities have accessed over time, creating an audit trail.

Authorization is a vital part of a system’s access control mechanism and significantly contributes to maintaining the system’s security and integrity. 

Quick Intro to Identity and Access Management – 3 mins