Authorization

From BC$ MobileTV Wiki
Jump to: navigation, search

Authorization is a security mechanism which sets checks and balances on the information an individual or organization can access, thus proving that they are authorized (i.e. a person or organization has permission) to carry out that access.

The most common form of authorization is the use of a "Privilege system" (which may use other cryptographic mechanisms to ensure the security and privacy of data in transit). A Privilege System in the most common case defines basic data operations, for example: Read, Write, Execute (as in the Unix File System).


Authorization may be carried out at system-level, file-level, or group/role-level or on an individual user per-access basis (i.e. for high security or sensitive information).


Specifications

OAuth

  • For more info, see section: OAuth


Active Directory

To verify your AD credentials when logged into windows on a specific AD-protected domain, you can use the following command:

net user bcop /domain

LDAP

  • For more info, see section: LDAP


SAML


XACML

[1]



Hand-in-Hand with Authentication

When a user is authorized to access some information, they should have first successfully carried out authentication to prove they are indeed who they say they are, then they will be able to access the information based on the authorized permission level that was assigned to them by the information's owner.




Resources


Tutorials


External Links

See Also

OAuth | LDAP | SAML | UMA | Authentication
  1. A Basic Introduction to XACML: https://dzone.com/articles/a-beginners-guide-to-xacml