Proof of authorization (identification technology)
A credential ( English credential ) is an instrument that a system, the identity is to confirm from another system or user. An identity known in the system is required. Proof is usually provided after the identity has been named in the form of a user ID in connection with an authentication feature .
Credentials identification documents, certificates, passwords or results may be cryptographic methods or physical components for access or admission as smart cards or keys .
Proof of authorization in the case of unknown identity must be implemented using asymmetric keys. Then the user must have at least one matching complementary key.
Example situation
A user wants to log on to a system as a client in order to e.g. B. to access a protected resource . In order to authenticate, the user as the client first gives his identity and then gives his user ID and password as proof of authorization, which the server can use to authenticate him.
The following processes must be carried out for this:
- Identification: The user reveals his identity.
- Authentication (or also authentication ): The identity of the user is confirmed by entering a user ID and the user is accepted for the required access rights based on the authentication feature.
- Authorization : It is checked whether the user in question has the necessary rights , i.e. is authorized to access the required resources, so that a controlled opening of the protection of the IT resource can take place according to the set access rights. The authorization level entered allows a user to edit or delete certain files or processes based on preset rights.