Authorization is the act of granting access to a specific resource. This can be an entire application, or a much smaller piece of functionality. Authorization is also referred to as access control.

The de facto standard for fine-grained authorization is eXtensible Access Control Markup Language (XACML). For coarse-grained authorization on Internet scale, OAuth is an important standard.

Previous: Authentication Next: Auditing


4 thoughts on “Authorization

Please Join the Discussion

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s