Authentication vs. Authorization

Authentication is all about checking and validating that a user is who he says he is. Authentication is commonly based upon a username and a password (but from now on and in the future we should all really be heading towards certificates).
To set a daily task to the word “Authentication”, this is really what you do once you logon to the domain at work once you’ve booted up your computer.

Authorization determines wheter a user has access to resources – i.e. on a specific share on the company fileserver.
It involves SAM, ACLs (Access Control Lists) and Kerberos.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: