Can a System Permit Authorization Without Authentication?
A system is a computer with installed resources that allow users to perform a job. The computer's operating system manages the functionality and security of the system's resources. Authentication and authorization are mechanisms used by the operation system to secure resources on the system.
Other People Are Reading
-
Authentication
-
Authentication is the process where a system attempts to identify the user. The idea is to answer the questions: "Who are the users and are they really who they say they are?" An example of authentication is entering a user name and password.
Authorization
-
Authorization is the process of defining the level of access a user has on a system. The level of access determines what resources a user can access. Resources are files, folders, applications, hard drive space quota and printer usage. For example, a user may have read only access to files but can't change, copy or delete them.
-
User accounts
-
A user account is a point of access to log in to a computer system. User accounts provide personal space and settings for a user on the system. User accounts can be made for an administrator or basic users.
Administrator
-
An administrator account is usually created as soon as a system is installed. Administrators have all access to resources on a computer. Administrators have the ability to create other user accounts, define the level of access for those users and reset passwords. This type of account requires both authentication and authorization.
Basic user
-
A basic user account is used to access resources on a system. This type of account can be created without the requirements of a password, thus allowing for authorization without authentication. In this condition, the account is left open for anybody to use resources, copy files or damage the system.
-
References
- Photo Credit Polka Dot RF/Polka Dot/Getty Images
