Authentication vs Authentication vs Authorization

Table of Contents

Essential parts of a registration process.

In practice, authentication and authentication in particular are often used interchangeably since they are part of the same process for use on IT systems.

The distinction is particularly important in the documentation of IT processes.

Step 1 - authentication

Authentication means presenting proof of the user's identity to the IT system or IT resource to which he or she is trying to log on. This proof can come in various forms, such as information only the user knows (password, PIN), something they are (fingerprint, iris scanner), something they have (smart card, token, badge) or a combination of the above. Authentication is therefore the active action of the user when registering, in which he asserts his identity with proof.

Step 2 - the authentication

Authentication refers to the procedure for checking the assertion of identity and its result, in which the IT system compares this with the stored information on the asserted identity or queries a third, authorized body. Thus, authentication follows authentication.

Certainly your company too!
IT security from ProSec!
Go to page

Step 3 - Authorization

The positive result of the authentication is followed by "authorization", which means the granting or restriction of "certain rights". Successful authentication does not automatically mean access to resources on the network.

A classic example of this is withdrawing cash from an ATM.

The customer authenticates himself with his combination of debit card (something he has) and his PIN (something he knows).

If the information matches, the ATM authenticates the customer as the legitimate user of the bank account.

Now the bank customer is authorized to withdraw an amount from his account. If the limit is exceeded, the process would be aborted due to lack of authorization.

Newsletter form (#7)

Become a Cyber ​​Security Insider

Get early access and exclusive content!


By signing up, you agree to receive occasional marketing emails from us.
OTHER CONTRIBUTIONS

Table of Contents

PSN_KU_Cover
NewsLetter Form Pop Up New

Become a Cyber ​​Security Insider

Subscribe to our knowledge base and get:

Early access to new blog posts
Exclusive content
Regular updates on industry trends and best practices


By signing up, you agree to receive occasional marketing emails from us.