Understanding Authorization

We discussed authorization in Modules 3 and 11, but in this module, we’ll go more in depth, detailing the concepts of authorization and how they relate to supporting the authorization processes. We will also look at access control models, which define how organizations frame and implement authorization.

Authorization Concepts

In Module 3, you learned that authorization is a distinct part of the process of identification, authentication, authorization, and accountability. To recap, identification involves presenting credentials to a system. Authentication is the process of validating those credentials against a centralized database, to ensure that the user is who they say they are. Authorization takes it ...

Get Mike Meyers' CompTIA Security+ Certification Guide (Exam SY0-401) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.