Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Software >> Microsoft Related >> Dot Net >> Dot Net Remoting
  2. Suggest New Category

What is the difference between authentication and
authorization
?

Question Posted / manoj kumar

Answer Posted / manoj kumar

An authentication system is how you identify yourself to
the computer. The goal behind an authentication system is
to verify that the user is actually who they say they are.

There are many ways of authenticating a user. Any
combination of the following are good examples.


Password based authentication
Requires the user to know some predetermined quantity
(their password).

Advantages: Easy to impliemnt, requires no special
equipemnt.

Disadvantages: Easy to forget password. User can tell
another user their password. Password can be written down.
Password can be reused.

Device based authentication
Requires the user to posses some item such as a key, mag
strip, card, s/key device, etc.

Advantages: Difficult to copy. Cannot forget password. If
used with a PIN is near useless if stolen.

Disadvantages: Must have device to use service so the user
might forget it at home. Easy target for theft. Still
doesn't actually actively identify the user.

Biometric Authentication
My voice is my passport. Verify me. This is from the movie
sneakers and demonstrates one type of biometric
authentication device. It identifies some physical
charactistic of the user that cannot be seperated from
their body.

Retina Scanners:
Advantages: Accurately identifies the user when it works.

Disadvantages: New technology that is still evolving. Not
perfect yet.

Hand Scanners:
Advantages: Difficult to seperate from the user. Accurately
identifies the user.

Disadvantages: Getting your hand stolen to break into a
vault sucks a lot more than getting your ID card stolen.

Authorization
Once the system knows who the user is through
authentication, authorization is how the system decides
what the user can do.

A good example of this is using group permissions or the
difference between a normal user and the superuser on a
unix system.

There are other more compicated ACL (Access Control Lists)
available to decide what a user can do and how they can do
it. Most unix systems don't impliment this very well (if at
all.)

Is This Answer Correct ?    35 Yes 6 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

What is the purpose of strong name?

1025

what is Client-activated object in remoting?

995

What are static assemblies?

999

What is asynchronous programming?

976

What are static assemblies and dynamic assemblies?

985

What are different types of assemblies?

1122

What is the difference beween the registeractivatedservicetype() and registeractivatedclienttype()?

929

Explain how to directly call a native function exported from a dll?

996

Define singlecall activation mode in .net remoting?

990

What are the security measures exist for .net remoting in system.runtime.remoting?

1019

define client activated objects (cao)?

1075

Explain how does assembly versioning in .net prevent dll hell?

1076

How do you implement distributed applications in .net?

994

What are static assemblies and dynamic assemblies. Differences between them?

1163

What is objref object in remoting?

1166