What Is “Network” Authentication and Authorization?
At Cornell and throughout the world, information is exchanged and access to computers is enabled by the Internet. Moreover, the access to resources via the Internet is sometimes only intended for specific network entities. The requirement to authorize access between authenticated entities drives the need for a network “access-management” architecture at Cornell. Authentication and authorization are each critical in its own light and are unique parts of the larger access-management architecture. Authentication is the process of ensuring knowledge of who or what (in other words, what person or what computer) is accessing “your” resource, your information, or both. Authentication is also the process of ensuring “irrefutable knowledge” of whose service you are accessing. Authorization is the process used to determine what services can be accessed by an irrefutable known (in other words, authenticated) network user or computer. Thus, authentication enables users and computers on the Interne
Related Questions
- Can the token authentication be handled by some distributed processing network or must it be centralized? Are there any concerns for bottlenecks during peak times?
- Do behavioral health services require authorization from Mental Health Network (MHNet)?
- How is authentication and authorization supported in RabbitMQ?
