Authorization

Authorization is the act of granting access to a specific resource. This can be an entire application, or a much smaller piece of functionality. Authorization is also referred to as access control.

The de facto standard for fine-grained authorization is eXtensible Access Control Markup Language (XACML). For coarse-grained authorization on Internet scale, OAuth is an important standard.

Previous: Authentication Next: Auditing

2 Responses to Authorization

  1. Data Classification In the Cloud | Secure Software Development says:
    2013-04-01 at 13:00

    [...] is to determine appropriate access control policies. It is wasteful to protect all your information at the highest level, so you want to [...]

    Reply
  2. How to Create Extensible Java Applications « Secure Software Development says:
    2012-12-10 at 13:04

    [...] another example, imagine an implementation of the XACML specification for authorization. The “X” in XACML stands for [...]

    Reply

Please Join the Discussion

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 246 other followers