Authorization

From MgmtWiki
Revision as of 11:28, 30 December 2018 by Tom (Context)

Full Title or Meme

An action that will give a user an Access Token to a protected resource.

Context

  • Previously, Authorization was considered to be the second step, performed after the user had been authenticated.
  • The challenge of Authorization can be modeled with decision theory: access is granted after the Authorization service has evaluated the Claims presented and made a single decision about access, where the Identity of the Subject is assumed to have been appropriately authenticated. In the case of a failed Authorization, the Subject was typically given instructions on the appropriate manual procedures to be followed to gain access to the resource.
  • In the long term, game theory would be a better model.

Bayesian Identity Proofing provides the means for a collection of authentication and verification steps to be validated.

Problems

Solutions

References