Authorization

Access control is actually made up of two components: authentication and authorization. Authentication has been briefly discussed above. Authorization is the function of looking up the identities of the client and server objects in a table of access control rules. These rules may require a number of additional pieces of information to be taken into account; time of day, current objects already accessed, etc. The actual rules will be carefully derived from the security policy of the system. In fact the access control rules will be the most obvious manifestation of the system security policy. The result of the authorization function will be a decision, yes or no, on whether the access may proceed. In practice the authorization function usually coincides with the part of the system that will enforce the decision. However it is worth remembering that these two operations: making the decision and enforcing the decision, are separate and can be carried out in different parts of the system if required. There are two sets of rules in the distributed system: those for authentication, and those for access control. The authentication rules determine who can use the system and what privileges they will have according to the way they have authenticated themselves. These rules have a long term effect, in that once someone has been authenticated and is using the system then they are not invoked again. The authentication rules also have a large grain effect in that the privileges given out as a result of a successful authentication can be used to carry out a number of operations affecting a number of objects. The rules for access control provide fine grained control of a system since they determine which privileges are required to access individual objects. These rules are invoked every time that access to an object is required so they also provide fine control in time. A good design of a system will ensure that the two sets of rules complement each other in their scope of control.