Authorization Models
Once a user has been authenticated, the system still has to decide which data and operations that user may reach. That decision is authorization. The entries below are the common ways of expressing and enforcing it; two of them (SAML and OpenID Connect) are federation protocols that deliver the identity and attributes an authorization decision is based on rather than authorization models in themselves, and the notes say so.
9.1. Role-Based Access Control (RBAC):
- What it is: Permissions are attached to roles, and users (or groups) are assigned roles, so a user can do only what their role requires. Permissions are never granted to individual users directly, which keeps access reviews and revocation manageable.
- Example: HR personnel can access HR data but not finance information.
9.2. Security Assertion Markup Language (SAML):
- What it is: An XML-based standard for Single Sign-On in which an identity provider sends a digitally signed assertion about the user to a service provider. SAML itself authenticates and describes the user; the service provider uses the attributes in the assertion (group membership, entitlements) to decide what to authorize.
- Example: A signed assertion states that the user belongs to the "finance" group, and the receiving application grants the permissions it maps to that group. The service provider must verify the signature, the intended audience and the validity window of the assertion before trusting any attribute in it.
9.3. OpenID Connect (OIDC):
- What it is: An authentication layer built on OAuth 2.0 that lets an application verify a user's identity through an identity provider and receive standard claims about that user, so identity is consistent across systems. Authorization is then performed by the application itself, by mapping those claims to its own permissions.
- Example: The application receives a signed ID token from the authorization server, verifies it, and uses claims such as the subject identifier and group membership to look up what the user is allowed to do.
9.4. OAuth 2.0 Authorization:
- What it is: A delegated authorization framework. A user grants an application limited access to resources held by another service, and the application receives an access token whose scopes state what it may do. The resource server checks the token's scopes, audience and expiry on every request.
- Example: A user lets a photo-printing app read their photos without ever giving that app their password. Note that an access token proves what its bearer may do, not who the user is; for identity, use OpenID Connect on top of OAuth.
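The check a resource server performs on an OAuth 2.0 access token, as an added example that is not part of the original article. It assumes the server has already called the authorization server's token introspection endpoint (RFC 7662) and holds the JSON it returned; the introspection responses below are constructed sample data, and `authorize_request`, `required_scopes` and `expected_audience` are this example's own names for the API's configuration.

```python
"""Scope, audience and expiry checks on an OAuth 2.0 access token.

Added example, not code from the original article. The introspection
responses are constructed to look like RFC 7662 output; the function and
parameter names are hypothetical and belong to this example only.
"""
import time

# Constructed RFC 7662 introspection responses (what the authorization server
# tells the resource server about a presented token).
GOOD_TOKEN = {
    "active": True,
    "scope": "photos:read profile",
    "client_id": "photo-printer-app",
    "sub": "user-42",                   # who authorized the app; not a login
    "aud": "https://photos.example/api",
    "exp": 4_000_000_000,               # far-future expiry so the sample stays valid
}
WRONG_SCOPE_TOKEN = {**GOOD_TOKEN, "scope": "profile"}
WRONG_AUDIENCE_TOKEN = {**GOOD_TOKEN, "aud": "https://mail.example/api"}
EXPIRED_TOKEN = {**GOOD_TOKEN, "exp": 1_600_000_000}
REVOKED_TOKEN = {"active": False}


def authorize_request(introspection, required_scopes, expected_audience, now=None):
    """Return (allowed, reason). Deny by default: every check must pass."""
    now = time.time() if now is None else now

    if not introspection.get("active"):
        return False, "token inactive or revoked"

    # "exp" is optional in an introspection response; enforce it when present.
    exp = introspection.get("exp")
    if exp is not None and exp <= now:
        return False, "token expired"

    # "aud" may be a single string or a list of strings (JWT semantics).
    aud = introspection.get("aud", [])
    audiences = [aud] if isinstance(aud, str) else list(aud)
    if expected_audience not in audiences:
        return False, "token not issued for this resource server"

    # Scopes are a space-separated string; the endpoint needs all of its own.
    granted = set(introspection.get("scope", "").split())
    missing = set(required_scopes) - granted
    if missing:
        return False, "missing scope(s): " + " ".join(sorted(missing))

    # Passing here says what the bearer may do. It does not authenticate the
    # user; identity comes from an OpenID Connect ID token, not this token.
    return True, "ok"
```

The audience check is the one most often skipped: without it, a token issued to the mail API would be accepted by the photos API, because scopes alone do not say which resource server a token was meant for.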
9.5. Device Permissions:
- What it is: Granting access based on the device trying to connect, typically by requiring the device to be enrolled and to meet a compliance posture (managed, disk-encrypted, patched).
- Example: Only approved devices can establish a connection; an unenrolled personal device is refused even when the user's credentials are valid.
9.6. Location Permissions:
- What it is: Allowing or denying access based on the location of the user or entity, usually inferred from the source network or geolocation.
- Example: A user may read documents from anywhere but may only modify them while on the office network; remote sessions get a narrower set of permissions.
9.7. Mandatory Access Control (MAC):
- What it is: Access decisions are made by the system from security labels attached to subjects and objects (for example a classification level plus a set of categories), according to a policy set centrally by a security administrator. Unlike discretionary control, the owner of a file cannot grant others access to it; only the policy can.
- Example: A process cleared for "internal" cannot read a file labelled "confidential" (no read up), and a process holding "confidential" data cannot write into an "internal" file (no write down), regardless of what the file's owner wants. SELinux and the classification schemes used in government systems are MAC implementations.
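A single access check that combines several of the models above (RBAC, device and location permissions, and MAC labels), as an added example that is not part of the original article. The role table, approved devices, office network, clearances and file labels are constructed sample data; `authorize`, `Request` and `Label` are this example's own names. It is deny-by-default: the request is allowed only if every model agrees, which is how a real system layers them.

```python
"""RBAC + device + location + MAC (Bell-LaPadula style) in one decision.

Added example, not code from the original article. All tables below are
constructed sample data; names are hypothetical and belong to this example.
"""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

# --- RBAC: permissions belong to roles; users are given roles, never permissions.
ROLE_PERMISSIONS = {
    "hr": {"hr:read", "hr:write"},
    "finance": {"finance:read"},
    "auditor": {"hr:read", "finance:read"},
}
USER_ROLES = {"alice": {"hr"}, "bob": {"finance"}, "carol": {"auditor"}}

# --- Device permissions: only enrolled devices may connect.
APPROVED_DEVICES = {"LAPTOP-HR-01", "LAPTOP-FIN-07"}

# --- Location permissions: the office network, everything else is "remote".
OFFICE_NETWORKS = [ip_network("10.20.0.0/16")]

# --- MAC: labels are a totally ordered level plus a set of categories.
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = field(default_factory=frozenset)

    def dominates(self, other):
        """self >= other in the lattice: level at least as high, categories a superset."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


USER_CLEARANCE = {
    "alice": Label("confidential", frozenset({"HR"})),
    "bob": Label("confidential", frozenset({"FIN"})),
    "carol": Label("internal", frozenset({"HR", "FIN"})),
}
OBJECT_LABEL = {
    "hr/salaries.csv": Label("confidential", frozenset({"HR"})),
    "hr/handbook.pdf": Label("internal", frozenset({"HR"})),
    "finance/ledger.csv": Label("confidential", frozenset({"FIN"})),
}


@dataclass
class Request:
    user: str
    permission: str   # "<domain>:read" or "<domain>:write"
    resource: str
    device_id: str
    source_ip: str


def authorize(req):
    """Return (allowed, reason). The first failing model wins; nothing is implied."""
    # RBAC: union of the permissions of every role the user holds.
    roles = USER_ROLES.get(req.user, set())
    granted = set().union(*(ROLE_PERMISSIONS.get(r, set()) for r in roles))
    if req.permission not in granted:
        return False, "rbac: role lacks permission"

    # Device permissions.
    if req.device_id not in APPROVED_DEVICES:
        return False, "device: not enrolled"

    # Location permissions: writes are only allowed from the office network.
    in_office = any(ip_address(req.source_ip) in net for net in OFFICE_NETWORKS)
    if req.permission.endswith(":write") and not in_office:
        return False, "location: writes only from the office network"

    # MAC: no read up (clearance must dominate the object label) and
    #      no write down (object label must dominate the clearance).
    clearance = USER_CLEARANCE.get(req.user)
    label = OBJECT_LABEL.get(req.resource)
    if clearance is None or label is None:
        return False, "mac: unlabelled subject or object"
    if req.permission.endswith(":read") and not clearance.dominates(label):
        return False, "mac: no read up"
    if req.permission.endswith(":write") and not label.dominates(clearance):
        return False, "mac: no write down"

    return True, "ok"
```

The instructive case is the auditor: RBAC grants carol `hr:read`, but her clearance is only "internal", so the MAC layer still refuses the confidential salary file. A role is a statement about job function; a label is a statement about data sensitivity, and neither check can stand in for the other.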
Difference between Authentication and Authorization in LLD | System Design
When designing software systems, and complex ones in particular, it is essential to understand two related but distinct concepts: authentication and authorization. The words sound alike, but they answer different questions (who are you, and what are you allowed to do), and a system needs both to be safe.
Important Topics for Authentication vs. Authorization
- What is Authentication?
- User Authentication in Low Level Design (LLD)
- Authentication Methods
- How authentication information is passed between components in a low-level design
- Encryption in Authentication Processes
- Hashing in Authentication Processes
- What is Authorization?
- User authorization in Low Level Design (LLD)
- Authorization Models
- Key Differences
- Security challenges and best practices related to authentication and authorization
- Impact of Authentication and Authorization on System Scalability and Performance
- Conclusion