Authentication vs. Authorization verification and authorization [arrangement]

Source: Internet
Author: User

Authentication.
AuthorizationVerification and authorization

Authentication vs. Authorization authentication and authorization It is important to clarify the difference
AuthenticationAnd Authorization, And how these terms are used
Within this paper. The differences are fairly obvious, but understanding
Implications of each is important.

First, we must distinguish between authentication and authorization.,So that we can better understand them in this document(Passport Guide)Meaning. As the name implies,It seems that their differences are obvious.,But for us,It is important to understand the associations between them.

P.s.: Literally, the Chinese differences between the two are clear at a glance, but these two words are very confusing in English.

AU · then · Ti · Ca · tion[Aw
Thè nt káysh 'n:
The verification of credentials presented by
Individual or process in order to determine identity.

Verification: when we want to identify an individual or a process (request), we usually need to identify the identity information they provide. This authentication process is called verification.

AU · Thor · I · za · tion[À wthr
Záysh 'n'] n:
To grant an individual permission to do something or be
Somewhere.

Authorization: The system grants an individual the right to engage in certain actions within a certain range. This process is called authorization.

AuthenticationIs the process of recognizingWhoAn
Individual is by verifying credentials.AuthorizationIs
The act of deciding what that individual has access to. When someone asks
Your driver's license, for example, it is a form of authentication. Your
Driver's license provides a way for you to identify yourself to others in order
To assist in your transactions.

Authentication is the process of determining an individual by checking the identity information. Verification determines the behavior of an individual's behavior norms. Simply put, verification is to determine who you are? Authorization is what you are allowed to do. For example, sometimes you need to show your driver's license to describe your identity. This is a form of verification. In many cases, your driver's license is used to prove your identity so that you can pass verification and obtain various authorizations.

Your driver's license alone does not determine
Whether you can legally engage in any age Restricted Activities (voting,
Example). It only verifies the relevant credentials, such as date
Of birth, so that permission can be given for an activity.

However, your driver's license does not allow you to pass verification similar to those requiring age restrictions (such as voting ). These verifications require you to present proof of identity related to them, such as your date of birth, so that you can obtain the appropriate permission (authorization)

p.s. , the verification information he needs is also different. For example, most Web site needs password and financepassword (second-level financial password), one for user login identity authentication, another pass used as a user for financial operation verification

It is possible to authenticate someone
Any authorization, but it is difficult to imagine authorizing someone for some
Purpose without also requiring that they go through some form
Authentication.

You may not give any authorization after verifying a user, but we do not advocate giving some form of authorization to some users without any form of authentication.

P.s.: The authorization is not necessarily authorized, and the authorization must be verified.Pai_^

passport is focused on authentication.
This is important, as it means that you remain in control of authorizing
your own services. one of the benefits of passport is that it
offloads the need for you to run an authentication system, resetting passwords
and other related tasks, while still leaving you control over who can use your
site.

passport as a universal verification platform, it is important to clarify this. Each passport relying party account for authorization. Help you establish and maintain a user verification system, you do not have to remember multiple accounts for multiple websites. / worried about passwords, passport users want to .... Just so

any computer system should have a permission module that splits permissions into verification and authorization. This is indeed a clear solution, of course, passport has already been implemented. Thanks to the Microsoft documentation, this is indeed helpful to me. For Microsoft's talented children, in addition to sighing ...... All developers work together to kill Microsoft!

the differences between identity authentication and authorization are documented in Microsoft documents. Identity Authentication verifies creden during connection attempts, the login process includes the authentication protocol used by the network access client to send creden, to the server in plain text or encrypted mode, authorization determines whether to accept or reject the connection based on the account creden and remote access policy after authentication. authorization can be performed only after the login attempt is successful, if logon fails, user access is denied.
below is my understanding:

when you go abroad, you must have two things. In passport and visa, a passport wants identity verification. He can only prove your identity, but cannot do anything else. In visa, he wants to authorize the passport. The visa indicates what you can do in this country, this is the same as authorization.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.