5.5 Privilege Management
Policies are defined for persons, groups of persons or objects such as data files or hardware such as printers. The policies provide for what is and is not allowed. Privileges are then defined in accordance with these policies, so that the system can automatically enforce many of the agreed-upon policies.
The terms rights management, access control, and authorization are frequently used interchangeably.
Two terms used are sometimes confused: Authorization and Authentication.
Authorization allows a user, Alice, to access a resource. It does not prove Alice's identity. Authentication proves that Alice is really Alice. At least that is how it is suppose to work.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.