Identity Vs Authentication Vs Authorization: Biggest Dilemma

[Source: https://i.pinimg.com/564x/0c/9b/de/0c9bde42bc52832b7bdf756a8ee57960.jpg]
[Source: https://i.pinimg.com/originals/99/8b/c0/998bc08f426d260a8686affdebbce4a5.gif]

Security world terminologies

  1. Identity
  2. Authentication
  3. Authorization

Identity

[Source: https://s3.amazonaws.com/lowres.cartoonstock.com/law-order-identity_theft-identity_thief-id_card-stolen_identity-crime-bwhn774_low.jpg]

Authentication

[Source: https://communicrossings.com/files/security/img/try-again-400.jpg]

Levels of Authentications

  1. Single Factor Authentication
  2. Two Factor Authentication
  3. Multi-Factor Authentication
[Source: Cartoon by Phil Johnson for MIT]

Authorization

[Source: https://lowres.cartooncollections.com/visits-visitors-authorization-authorised_personnel_only-privacy-social-issues-CC22550_low.jpg]

OAuth 2.0: A brief introduction

  • Federated Identity — Allowing users to log in to an application with another existing account that the user owns. (End-users)
  • Delegated Authority — Allowing another service to access resources in a controlled manner on another service on behalf of the user. (3rd Party Applications)

Let’s wind up folks

[Source: https://i.pinimg.com/originals/14/fc/03/14fc030a45875ea3021063e18d433ea5.png]

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store