What is Authorization?

Authorization is the mechanism which grants or denies access to a network resource and allows user access to various resources based on the identity of the user. It determines access levels or privileges of user/client related to services, files, computer programs, data and application features etc.

Web security systems work on a two-step method:

  • Authentication which ensures identity of the user
  • Authorization which gives permission to the user to access various resources based on the user’s identity.

Modern-day Operating Systems have effective authorization processes to facilitate application deployment and management. Furthermore, access to computer systems depends on access policies and is spread over two phases, namely:

  • Policy definition phase where access is authorized.
  • Policy enforcement phase where requests to access are allowed or denied.

Authorization is implemented by the Security Server which has controlled access at the level of individual files and programs.


Leave a Reply