Authorization is a process where a system or application makes a run-time decision about whether to allow a user to perform some function or access some data.

Authorization decisions generally depend on the identity of the user wishing to perform the action, the action which the user wishes to perform, the security entitlements which the user has been assigned and the data on which the action is to be performed. In some cases, the decision may also depend on contextual information such as the user's location, the time or date, or the type of device with which the user connected to the application.

Authorization decisions may be made by application logic, by access controls inside a database that supports an application or by a stand-alone access control engine. They are made by evaluating a security model, with the most popular models being:

Authorization should not be confused with identity administration, which is the process used to define and manage identities and to assign entitlements to users. The former is run-time enforcement, while the latter refers to updating directories with business-appropriate identity and privilege data.
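The inputs to a decision listed above, and the split between run-time enforcement and identity administration, can be seen in a small decision function. This is an added example, not code from the original page; the directory contents, the department rule and the context policy (`DIRECTORY`, `SENSITIVE_ACTIONS`, `TRUSTED_LOCATIONS`, `MANAGED_DEVICES`, `BUSINESS_HOURS`) are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import time

# Directory contents (constructed sample). Identity administration maintains
# this data out of band; the run-time check below only reads it.
DIRECTORY = {
    "alice": {"dept": "finance",
              "entitlements": {("invoice", "read"), ("invoice", "approve")}},
    "bob": {"dept": "sales", "entitlements": {("invoice", "read")}},
}

# Hypothetical context policy applied to sensitive actions only.
SENSITIVE_ACTIONS = {"approve"}
TRUSTED_LOCATIONS = {"office", "vpn"}
MANAGED_DEVICES = {"managed-laptop"}
BUSINESS_HOURS = (time(8, 0), time(18, 0))


@dataclass(frozen=True)
class Request:
    user: str            # identity of the caller
    action: str          # what the caller wants to do
    resource_type: str   # kind of data being acted on
    resource_dept: str   # attribute of the specific data item
    location: str        # context: where the user connected from
    device: str          # context: type of device
    at: time             # context: time of the request


def authorize(req: Request):
    """Run-time decision. Returns (allowed, reason); denies unless every check passes."""
    entry = DIRECTORY.get(req.user)
    if entry is None:
        return False, "unknown identity"
    if (req.resource_type, req.action) not in entry["entitlements"]:
        return False, "no entitlement for action"
    if req.resource_dept != entry["dept"]:
        return False, "data outside user's department"
    if req.action in SENSITIVE_ACTIONS:
        if req.location not in TRUSTED_LOCATIONS:
            return False, "untrusted location"
        if req.device not in MANAGED_DEVICES:
            return False, "unmanaged device"
        if not BUSINESS_HOURS[0] <= req.at <= BUSINESS_HOURS[1]:
            return False, "outside business hours"
    return True, "allowed"
```

Returning the reason alongside the verdict lets the caller log why a request was denied, which is what an audit of authorization failures needs.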

