Difference between Authentication and Authorization
Authentication |
Authorization |
---|---|
Authentication is the process of verifying the identity of a user. |
Authorization determines the extent of access to the network and what type of services and resources are accessible by the authenticated user. |
It is done before the authorization process. |
While this process is done after the authentication process. |
It needs usually the user’s login details. |
While it needs the user’s privilege or security levels. |
The authentication credentials can be changed in part as and when required by the user. |
The authorization permissions cannot be changed by user as these are granted by the owner of the system and only he/she has the access to change it. |
Authentication determines whether the person is user or not. |
While it determines What permission does the user have? |
The user authentication is visible at user end. |
The user authorization is not visible at the user end. |
The user authentication is identified with username, password, face recognition, retina scan, fingerprints, etc. |
The user authorization is carried out through the access rights to resources by using roles that have been pre-defined. |
Access Control in Computer Network
Access control is a security strategy that controls who or what can view or utilize resources in a computer system. It is a fundamental security concept that reduces risk to the company or organization. In this article, we are going to discuss every point about access control.