Authorization

Why Trust Techopedia

What Does Authorization Mean?

Authorization is a security mechanism used to determine user/client privileges or access levels related to system resources, including computer programs, files, services, data and application features. Authorization is normally preceded by authentication for user identity verification. System administrators (SA) are typically assigned permission levels covering all system and user resources.

Advertisements

During authorization, a system verifies an authenticated user’s access rules and either grants or refuses resource access.

Techopedia Explains Authorization

Modern and multiuser operating systems depend on effectively designed authorization processes to facilitate application deployment and management. Key factors include user type, number, credentials requiring verification and related actions and roles. For example, role-based authorization may be designated by user groups requiring specific user resource tracking privileges. Additionally, authorization may be based on an enterprise authentication mechanism, like Active Directory (AD), for seamless security policy integration.

For example, ASP.NET works with Internet Information Server (IIS) and Microsoft Windows to provide authentication and authorization services for Web-based .NET applications. Windows uses New Technology File System (NTFS) to maintain Access Control Lists (ACL) for all resources. The ACL serves as the ultimate authority on resource access.

The .NET Framework provides an alternate role-based security approach for authorization support. Role-based security is a flexible method that suits server applications and is similar to code access security checks, where authorized application users are determined according to roles.

Advertisements

Related Terms

Margaret Rouse
Senior Editor
Margaret Rouse
Senior Editor

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…