security:authentication-and-authorization

security:authentication-and-authorization [2026/06/12 10:24] – created phong2018security:authentication-and-authorization [2026/06/13 03:24] (current) phong2018
Line 1: Line 1:
 +https://drive.google.com/file/d/1TIeK1rpQMfTS7lH_6Rf-Vjq5VeziDcQB/view?usp=sharing
 +
 ====== Authentication & Authorization Technologies ====== ====== Authentication & Authorization Technologies ======
  
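Review bot: the Google Drive link inserted at line 1 has no label or description, so a reader cannot tell what the file is, whether it is the source for the taxonomy below or supplementary material, without opening it. Suggest a one-line caption ("Slides: Authentication & Authorization overview" or similar) or moving it to a references line under the heading, and since the URL carries the `usp=sharing` parameter, confirm the file's sharing scope matches the audience of this wiki page before publishing the link.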
Line 22: Line 24:
  
 <code> <code>
-Identity & Access Management+Identity & Access Management (IAM)
  
-├── Authentication +├── Authentication (Who are you?) 
-│   ├── Password +│   ├── Password-based (user proves identity using secret password) 
-│   ├── Session +│   ├── Session-based (server stores login state using session cookie) 
-│   ├── JWT +│   ├── Token-based (stateless authentication using tokens) 
-│   ├── API Key +│   │   ├── JWT (JSON Web Token format used to carry claims securely signed) 
-│   ── Basic Auth +│   │   └── Opaque Token (random token validated by server lookup) 
-│   ├── OpenID Connect (OIDC+│   ├── API Key (static key used to identify and authenticate client apps
-│   ├── SAML +│   ├── Basic Auth (username/password sent with each request in encoded form) 
-│   ├── Passkeys / WebAuthn +│   ├── Passkeys / WebAuthn (passwordless authentication using public-key cryptography) 
-│   └── MFA / 2FA+│   └── MFA / 2FA (extra authentication layer requiring multiple factors)
  
-├── Authorization +├── Authorization (What can you do?) 
-│   ├── OAuth2 +│   ├── OAuth2 (delegated authorization framework that grants limited API access without sharing credentials) 
-│   ├── RBAC +│   ├── RBAC (Role-Based Access Control using roles to define permissions) 
-│   ├── ABAC +│   ├── ABAC (Attribute-Based Access Control using user/resource/context attributes) 
-│   └── ACL+│   └── ACL (Access Control List defining permissions per user or group per resource)
  
-└── Federation / SSO +└── Federation / SSO (Who vouches for you?) 
-    ├── OIDC +    ├── OpenID Connect (OIDC) (identity layer on top of OAuth2 used for login and identity verification) 
-    └── SAML+    └── SAML (XML-based enterprise federation protocol for single sign-on across organizations)
 </code> </code>
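Review bot: the new Basic Auth description, "username/password sent with each request in encoded form", can be read as implying the credentials are protected in transit; the encoding is reversible, so the line should say so and name the real control, e.g. "username:password base64-encoded in the Authorization header on every request, not encrypted, so only use over TLS". Two smaller wording points in the same hunk: the JWT line "JSON Web Token format used to carry claims securely signed" reads awkwardly and would be clearer as "signed (optionally encrypted) token carrying claims, verified without a server lookup", which also makes the contrast with the Opaque Token sibling explicit; and the Session-based line "server stores login state using session cookie" should distinguish the two halves, the server stores the session state and the cookie carries only the session identifier. Moving OIDC and SAML out of the Authentication branch into Federation / SSO is a good change and the descriptions there are accurate.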
  
security/authentication-and-authorization.1781259892.txt.gz · Last modified: by phong2018