1.2. Authorization
Authorization is defined as the act of determining whether a particular privilege can be granted to the presenter of a particular credential. The privilege can be right of access to a resource, such as a communications link, an information database, a computing machine, or many other things owned by a network or service provider. The presenter of the credential can be either a device or a user.
1.2.1. How is it Different from Authentication?
The problem of authorization and its distinctions from the problem of authentication can be easily explained with the following example. Let us assume that a person, holding a personal handheld device such as a wireless-link enabled PDA, has subscribed with a high-priced network operator. This person requests to see some movie clips on his personal device. She uses her personal device to connect to a wireless network, and based on the credentials that the network provider has given to her at the time of subscription, she can authenticate through her PDA and connect to the network. In many of the networks today, this authentication would be enough for her to access the movie clips from a server located inside the operator's network. However, imagine if the network provider would charge different prices for different movies or download speeds. A lower paying user is allowed to download the clips at a much slower speed. The user may request a higher quality of service (QoS) by agreeing to pay a one-time premium. In this case, ...