ProSec GmbH

+49 261 45093090

  • About us
  • Services
    • Detection services
      • Classic penetration testing
      • Pentest as a service
      • Web application pentest
      • Vulnerability analysis
      • Red teaming
    • Solution services
      • IT security consulting
      • Data protection
        • GDPR
    • Education services
      • User awareness
      • Trainings
        • Junior penetration tester
        • Penetration tester web
        • Penetration tester network
  • Wiki
  • Jobs
  • Contact

Authentication vs Authentification vs Authorization

They are essential parts of a registration process.

In practice, authentication and authentification in particular are often used synonymously, since they are part of the same process for use on IT systems. The distinction is particularly important when it comes to the documentation of IT processes.

Authentisierung vs. Authentifizierung vs. Autorisierung

Step 1 - Authentication

Authentication refers to the presentation of proof of the user’s identity to the IT system or resource to which they are trying to log on. This proof can be in various forms, such as information that only the user knows (password, PIN), something he is (fingerprint, iris scanner), something he has (smart card, token, badge), or a combination of the above. Authentication is therefore the active act of the user during registration, in which he asserts his identity with proof.

Step 2 - Authentification

Authentification refer to the procedure for checking the assertion of identity and its result, in that the IT system compares it with the stored information on the asserted identity or consults a third, authorized party. Thus the access controls follow the authentication.

Secure your company too!

 IT Security from ProSec!

To the page

Step 3 -Authorization

The positive result of the authentication is followed by the “authorization”, which means the granting or the restriction to “certain rights”. Successful authentication does not automatically mean access to resources in the network.

A classic example of this is withdrawing cash from an ATM.

The customer authenticates himself with his combination of EC card (something he owns) and his PIN (something he knows). 

If the information matches, the ATM authenticates the customer as the legitimate user of the bank account.

The bank customer is now authorized to withdraw an amount from his account. If the limit is exceeded, the process would be canceled due to a lack of authorization.

Zuletzt aktualisiert am June 2, 2021

OUR LOCATIONS

  • Headquarters:
  • ProSec GmbH
  • Robert-Koch-Straße 1-9,
    D-56751 Polch, Germany

  • Berlin office:
  • ProSec GmbH
  • Friedrichstr. 123,
    D-10117 Berlin, Germany

 

  • Munich office:
  • ProSec GmbH
  • Franz-Joseph-Str. 11,
    D-80801 München, Germany

TOP-SERVICES

  • Penetration testing

  • Vulnerability analysis

  • Trainings

  • IT security consulting

  • Social engineering

All rights reserved. © 2022 ProSec GmbH | Imprint | Privacy policy | Sitemap