This is the process by which an entity verifies the identity of a user or system before granting access. It ensures the legitimacy of a user to access a resource. Authentication can be done through passwords, certificates, biometrics, etc.
It ensures secure and controlled access to IT resources.
During authentication, the credentials provided by the user, such as login credentials, digital certificates or biometric fingerprints, are compared to data recorded in a database.
Access is granted only if the information matches exactly.
Within a company, the information system administrator is responsible for assigning rights and configuring access to resources. A user with an access account, consisting of a username and password, can only access the resources they are specifically authorized to use.