// THREAT DETECTION AND DATA PRIVACY TERM
Authorization
Authorization is the process of determining what an authenticated user or system is allowed to do or access within a computer system or network. It involves granting or denying specific permissions to resources or actions.
TECHNICAL DEFINITION
Authorization, a crucial cybersecurity control, is the process of enforcing access rights and privileges for authenticated entities (users, services, applications) to specific resources (data, files, systems) or operations, typically managed through predefined access control policies such as RBAC or ABAC.
BACKGROUND
The Cybersecurity and Infrastructure Security Agency (CISA), headquartered in Arlington, Virginia, is a component of the United States Department of Homeland Security (DHS) responsible for cybersecurity and infrastructure protection across all levels of government, coordinating cybersecurity programs with U.S. states, and improving the government's cybersecurity protections against private and nation-state hackers.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- Access Control
- Permissions
- Privileges
- Rights Management
- Entitlement Management
USAGE NOTE
Authorization is distinct from authentication and is often implemented through access control lists (ACLs) or role-based access control (RBAC).
DEVELOPERS
Organizations developing technology related to Authorization.
A leading independent provider of identity for the enterprise, offering cloud-based identity and access management solutions that include robust authentication and authorization services for employees and customers.
Through Azure Active Directory (Azure AD), Microsoft provides comprehensive identity and access management services that enable strong authentication and granular authorization for cloud applications, on-premises resources, and user identities.
Specializes in identity governance, providing solutions that help organizations manage and secure all access to critical data and applications, including enforcing authorization policies across the enterprise.
Offers an intelligent identity platform that provides secure authentication and authorization solutions, enabling enterprises to control access to their applications, APIs, and data for both employees and customers.
A leader in privileged access management (PAM), CyberArk provides solutions to secure, manage, and monitor privileged identities and credentials, which is critical for enforcing authorization and preventing unauthorized access to sensitive systems.
Delivers a comprehensive digital identity platform that includes advanced access management capabilities, enabling organizations to enforce dynamic and granular authorization policies for all identities across their digital ecosystem.
Provides universal privilege management solutions that enable organizations to discover, manage, and audit privileged access, directly addressing authorization needs by enforcing least privilege and controlling access to critical systems and data.
Offers AWS Identity and Access Management (IAM), a service that helps customers securely control access to AWS resources. IAM allows for detailed authorization policies to be defined, specifying who can access which services and resources.