[TUHS] YP / NIS / NIS+ / LDAP
Pete Turnbull
pete at dunnington.plus.com
Wed Nov 7 21:37:32 AEST 2018
On 07/11/2018 00:35, Grant Taylor via TUHS wrote:
> On 11/06/2018 03:24 PM, Dan Cross wrote:
>> Isn't that authorization?
>
> Not really.
>
> Authentication is proving that you are who you claim to be. - Show
> your drivers license to the bouncer.
>
> Authorization is deciding if the authenticated entity is allowed to have
> access or not. - Is your name on the list of people allowed into the
> nightclub?
>
> Access Control - The bouncer, allowing you in or physically barring you
> from entering.
Not really. You go past the bouncer as an immediate consequence of
authorization. The third 'A' is normally accounting: the bouncer notes
the time you entered in the visitors book or logbook, and sometimes also
notes the time you leave. Just about every network access service does
this, and "access control" is the whole AAA thing combined.
Have you ever seen a system that confirmed authentication and
authorisation but then denied access (other than through a fault)?
Denying access would be by a (possibly temporary) denial of authorisation.
--
Pete
Pete Turnbull
More information about the TUHS
mailing list