Authorization is a security mechanism used to determine user/client privileges or access levels related to system resources, including computer programs, files, services, data, and application features. Authorization is normally preceded by authentication for user identity verification. System administrators (SA) are typically assigned permission levels covering all system and user resources.
During authorization, a system verifies an authenticated user's access rules and either grants or refuses resource access. Modern and multi user operating systems depend on effectively designed authorization processes to facilitate application deployment and management. Key factors include user type, number, credentials requiring verification and related actions and roles. For example, a role-based authorization may be designated by user groups requiring specific user resource tracking privileges. Additionally, an authorization may be based on an enterprise authentication mechanism, like Active Directory (AD), for seamless security policy integration.