What is the difference between authentication and
authorization
?
Answer Posted / rahul
An authentication system is how you identify yourself to
the computer. The goal behind an authentication system is
to verify that the user is actually who they say they are.
There are many ways of authenticating a user. Any
combination of the following are good examples.
Password based authentication
Requires the user to know some predetermined quantity
(their password).
Advantages: Easy to impliemnt, requires no special
equipemnt.
Disadvantages: Easy to forget password. User can tell
another user their password. Password can be written down.
Password can be reused.
Device based authentication
Requires the user to posses some item such as a key, mag
strip, card, s/key device, etc.
Advantages: Difficult to copy. Cannot forget password. If
used with a PIN is near useless if stolen.
Disadvantages: Must have device to use service so the user
might forget it at home. Easy target for theft. Still
doesn't actually actively identify the user.
Biometric Authentication
My voice is my passport. Verify me. This is from the movie
sneakers and demonstrates one type of biometric
authentication device. It identifies some physical
charactistic of the user that cannot be seperated from
their body.
Authorization
Once the system knows who the user is through
authentication, authorization is how the system decides
what the user can do.
A good example of this is using group permissions or the
difference between a normal user and the superuser on a
unix system.
Is This Answer Correct ? | 5 Yes | 10 No |
Post New Answer View All Answers
Explain how to directly call a native function exported from a dll?
Explain how does assembly versioning in .net prevent dll hell?
What is the difference between remoting and webservice?
Define delegates and events?
Explain how to perform remoting?
Can you explain remoting?
What are static assemblies and dynamic assemblies. Differences between them?
What are the steps to publish an object outside the service domain
What is Remoting?
Explain threading types?
What are the difference between static assemblies and dynamic assemblies?
How to decide which to use .net remoting or asp.net web services?
What is the purpose of strong name?
Types of compatabilities and explain them ?
I am developing a project.Title is "Remote Demonstator".Using asp.net and C# Abstact: While administrator moving mouse and clicking on any link in the webpage that action will be performed in Server machine as well as in client machine.The client initially have to log-in and make a phone call to the admin. This is my project. How can i get this? I can create a website but this concept i have to implement in my website.How can i achive this? How to get client system control and how my mouse movings can be visible to client? I request all to please give me a basic idea or some hint. Advance Thanks.