惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
V
Visual Studio Blog
The GitHub Blog
The GitHub Blog
Apple Machine Learning Research
Apple Machine Learning Research
J
Java Code Geeks
T
Tailwind CSS Blog
大猫的无限游戏
大猫的无限游戏
Jina AI
Jina AI
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Hugging Face - Blog
Hugging Face - Blog
WordPress大学
WordPress大学
宝玉的分享
宝玉的分享
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
罗磊的独立博客
人人都是产品经理
人人都是产品经理
H
Heimdal Security Blog
Last Week in AI
Last Week in AI
博客园 - 【当耐特】
Cyberwarzone
Cyberwarzone
Google DeepMind News
Google DeepMind News
雷峰网
雷峰网
Hacker News: Ask HN
Hacker News: Ask HN
Webroot Blog
Webroot Blog
Microsoft Azure Blog
Microsoft Azure Blog
MyScale Blog
MyScale Blog
A
About on SuperTechFans
V2EX - 技术
V2EX - 技术
小众软件
小众软件
博客园 - Franky
博客园 - 司徒正美
P
Privacy International News Feed
爱范儿
爱范儿
U
Unit 42
博客园 - 叶小钗
The Hacker News
The Hacker News
C
Check Point Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Simon Willison's Weblog
Simon Willison's Weblog
N
News and Events Feed by Topic
D
Docker
T
Threatpost
MongoDB | Blog
MongoDB | Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
H
Help Net Security
L
LINUX DO - 最新话题
Security Latest
Security Latest
T
The Exploit Database - CXSecurity.com
S
SegmentFault 最新的问题
A
Arctic Wolf
Spread Privacy
Spread Privacy

Comments for Cyber Security News

10 Dangerous DNS Attacks Types & Prevention Measures - 2026 10 Dangerous DNS Attacks Types & Prevention Measures - 2026 10 Best Vulnerability Assessment and Penetration Testing (VAPT) Tools in 2026 10 Best Vulnerability Assessment and Penetration Testing (VAPT) Tools in 2026 Top 10 Best Google Alternatives In 2026 Top 10 Best Google Alternatives In 2026 What is SYN Attack? How Does the Attack Works ? What is SYN Attack? How Does the Attack Works ? What is the Difference Between Authentication vs Authorization? Comment on SOC1 vs SOC2 – Cyber Threat Intelligence Guide by jo3 Data Encryption: Why Is It So Important? Data Encryption: Why Is It So Important? Unprotected US Critical Infrastructure Can be Hacked By Anyone - A Shocking Report Vulnerability in Million Times Downloaded iPhone app Let Attacker Listen to any User's Call Recording Vulnerability in Million Times Downloaded iPhone app Let Attacker Listen to any User's Call Recording FBI Could use a Tool to Access Private Signal Messages on iPhones FBI Could use a Tool to Access Private Signal Messages on iPhones GDPR & HIPAA Compliance - Key Similarities and Differences in the Compliance Requirements Unprotected US Critical Infrastructure Can be Hacked By Anyone - A Shocking Report
What is the Difference Between Authentication vs Authorization?
Cyber Writes Team · 2023-06-11 · via Comments for Cyber Security News

Authentication and Authorization are two terms that are often used interchangeably in the tech world. However, both these terms are quite different with entirely different concepts and meanings.

Authentication

Simple English Meaning: The process or action of verifying the identity of a user or process.

Authentication is the process of proving one’s identity before gaining access to a resource. We see Authentication everywhere in our day to day lives, such as:

  1. Passports
  2. ID Cards
  3. Aadhaar Cards

In Tech World, we see Authentication in the following scenarios:

  1. Website LogIns
  2. Mobile Phone LogIns
  3. Computer LogIns

Generally, Authenticating yourself is just proving to the system that you are the one you are claiming to be. It normally takes place in the following way:

A user tries to Log In to the system and is asked to present his username and password. When both of these things are entered and are validated as true by the system, the user is authenticated and is allowed to Log In.

Types of Authentication

  1. Single-Factor Authentication: It is the simplest form of Authentication and requires just a username and password. Once these two are validated, a user is allowed to log in. Example: Simple website login
  2. Two-Factor Authentication: This form of Authentication requires an additional piece of information only the user knows, along with the username and password. Example: Logging In to a website with the username and password and an OTP (One-Time Password) sent to the user’s email id or phone.
  3. Multi-Factor Authentication: This is the most advanced method of Authentication, which requires two or more levels of security from independent categories of authentication to grant a user access to the system. This form of authentication utilizes factors that are independent of each other to eliminate any data exposure.

Authorization

Simple English Meaning: Official permission for something to happen or the act of giving someone official permission.

Authorization is the process of providing or granting users permission to access a protected resource.

Some examples of Authorisation are:

  1. Granting individual access to a specific location in a building
  2. Allowing a user to access specific parts of a website

etc.

Authentication and Authorization Working Together in Real World

Let us take a real-world example where we see both Authentication and Authorization concepts working together.

In offices, when a new employee joins, he is given two things-

  1. ID card (Authentication)
  2. Access Card (Authorization)

The use of the ID Card is to prove the employee’s identity. It contains the name, employee ID and some other details of the employee.

The use of the Access Card is to grant special permissions to an employee to access specific parts of the office. For example, some employees might not have permission to access the server room and some employees might have. The Access Card helps in establishing the relationship between a user and the scope of access he has.

Also Read: What is OAuth 2.0 ? How it Works ? A Detailed Explanation of Authorization Framework

Cyber Writes Team

Cyber Writes Teamhttps://www.cyberwrites.com

Work done by a Team Of Security Experts from Cyber Writes (www.cyberwrites.com) - World’s First Dedicated Content-as-a-Service (CaaS) Platform for Cybersecurity. For Exclusive Cyber Security Contents, Reach at: business@cyberwrites.com