Waht is the difference between authorization and access control? Access control specifies what a user can do, and authorization

Question

3 years ago

7

Waht is the difference between authorization and access control? Access control specifies what a user can do, and authorization

enforces what a user can do Access control proves a user's identify and authorization creates a log of their activities Authorization specifies what a user can do, and access control enforces what a user can do Authorization proves a user's identify and access control creates a log of their activities

Computers and Technology

2 answers:

spayn [35] · Answer 1 · 2022-05-27T19:26:36+03:00

<h2>Answer:</h2>

Authorization specifies what a user can do, and access control enforces what a user can do.

<h2>Explanation:</h2>

Authorization is simply granting access to an authenticated user of an application. It specifies what a user can and/or cannot do. For example, for a user to access their banking details in an online banking service, they have to be authorized by first authenticating them to prove their identity. Another example is in an organizational system where some users (normally called admins) can access certain database info whereas some other users (normally called the regular users) cannot.

Access control is used to enforce the policies dictated by authorization. In other words, access control enforces the policy of what a user can and/or cannot do. Access control makes authorization possible. It is sometimes called privileges or permissions. For example, the <em>security tab </em>in the operating system of Windows, allow to set access privileges for certain files and/or folders. Another example is in an organizational system where some files on the organization's server are configured in such a way that access to it is restricted and dependent on some further authorization.

SpyIntel [72] · Answer 2 · 2022-05-27T21:36:10+03:00

Answer:

Authorization specifies what a user can do, and access control enforces what a user can do

Explanation:

Authorization is one of three features in information security access control policies, with the other two being authentication and accounting. Authorization is the required credential of a user needed to access the user account. It is used as a access control process on the account usable features.

The access control is a mechanism in information security technology that is used to specify how data should be accessed. It enforces what a user can do in a network