Access Control Process
There are three steps to the access control process:
- Identification—The process by which a subject identifies itself to the access control system
- Authentication—Verification of the subject’s identity
- Authorization—The decision to allow or deny access to an object
The second step usually happens behind the scenes, so the subject is really only aware of two stages: He or she enters credentials and is either given or denied access to a resource. FIGURE 1-1 illustrates the access control process using human interaction as an example.
Get Access Control and Identity Management, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.