The process of determining whether the user who has logged in has the authority to access a specific recourse as requested.
In other words, authorization is the process of specifying access rights to a subject over a set of objects.
Authorization can also be linked with the access control lists that are found in operating systems in terms of groups, networking devices like routers, firewalls, etc. Authorization is the part of the AAA cycle that is short for Authentication, Authorization, and Accounting.
Authorization must always follow authentication as it wouldn’t be possible to authorize someone without having them authenticated. Let us consider an example of a passenger boarding a plane.
When the passenger approaches the check-in counter at the airport, they present their identification and ticket. This part of the process is called authentication.
Based on the set of credentials provided by the passenger, the check-in officer would authenticate the user and issue a boarding pass for the specific flight.
The passenger would then clear the security check and at the boarding gate present the boarding pass.
The officer at the boarding gate would check the boarding pass and verify if the user is allowed to board that particular flight.
This is the process of authorization.