A closer look at authentication and authorization mechanisms for web-based applications

  • Authors: Sharil Tumin; Sylvia Encheva
  • Affiliations: University of Bergen, IT Dept, Bergen, Norway; Stord/Haugesund University College, Faculty of Technology, Business and Maritime Sciences, Haugesund, Norway
  • Venue: BICA'12 Proceedings of the 5th WSEAS congress on Applied Computing conference, and Proceedings of the 1st international conference on Biologically Inspired Computation
  • Year: 2012

Abstract

Authentication is a process by which you provide proof that you are who you claim to be. Authorization is granting you valid permissions. Everyone is familiar with authentication, i.e., the login process, but not so with authorization. Web-based applications have introduced the need for both users and implementors to better understand these two processes. Security data are managed in two related categories: authoritative and operational. To provide flexible and efficient administration, account, group and resource data are managed in a distributed manner, following organizational structures and based on delegation of rights and responsibilities. To optimize operation, security data are duplicated into a directory server to be used by Web-based applications.