Access Controls, User Permissions and Privileges

In my last post, What is Authorization and Access Control, I explained that we use authentication to verify identity – to prove you are whom you claim to be – and also to enable an authorization policy, i.e., to define what your identity is allowed to “see and do”. We then implement these authorization policies using security measures to grant or deny access to resources we want to control or protect. The measures we use to implement authorization policies are called user access controls, but are also known as user permissions or user privileges. User access control is commonly used…

This is a Security Bloggers Network syndicated blog post authored by The Security Skeptic. Read the original post at: The Security Skeptic