On 15.11.2013 10:59, Dennis Semakin wrote: > Guys, guys, it's quite simple actually. > > Identification is an assignment of subjects or objects the identificator. > E.g.: login, ID card, fingerprints, retina of the eye...
Yes. > Authentication is a process of comparision between given users password, his > ID(identificator) and the password from database, for example. Yes. > Authorization is Identification plus Authentication No. Authorization is a process of determining permissions of subjects, usually based on identification data and access rules. Ie when you typing sudo password and sudo check its hash, this is authentication. Now sudo knows that you (user working with system) is you are (UID of your shell's process), this is identification. When sudo checks your permissions to "run some programs via sudo" in /etc/sudoers, this is authorization. Authentication and identification in this case based on user's UID and him password, and also on data from /etc/shadow. Identification is result of successful authentication. OTOH, authorization based on rules from /etc/sudoers and identification data. _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
