From BC$ MobileTV Wiki
Jump to: navigation, search

Authorization is a security mechanism which sets checks and balances on the information an individual or organization can access, thus proving that they are authorized (i.e. a person or organization has permission) to carry out that access.

The most common form of authorization is the use of a "Privilege system" (which may use other cryptographic mechanisms to ensure the security and privacy of data in transit). A Privilege System in the most common case defines basic data operations, for example: Read, Write, Execute (as in the Unix File System).

Authorization may be carried out at system-level, file-level, or group/role-level or on an individual user per-access basis (i.e. for high security or sensitive information).



  • For more info, see section: OAuth

Active Directory

To verify your AD credentials when logged into windows on a specific AD-protected domain, you can use the following command:

net user bcop /domain


  • For more info, see section: LDAP




Hand-in-Hand with Authentication

When a user is authorized to access some information, they should have first successfully carried out authentication to prove they are indeed who they say they are, then they will be able to access the information based on the authorized permission level that was assigned to them by the information's owner.



External Links

See Also

OAuth | LDAP | SAML | UMA | Authentication
  1. A Basic Introduction to XACML: