
Linux Tutorial Series – 97 – User identification, authentication and authorization


Today we are going to talk about identification, authentication and authorization. We will explain them using the example of me getting into a club.

Let’s say I want to get into a club. I approach the bouncer, and he asks me who I am. I answer with my full name. That is identification – I provided my identity. Then the bouncer asks me to prove my identity (either via my identity card or whatever else). That is called authentication. If my identity card is valid and the bouncer has verified who I am, the bouncer then checks “the list” to see if I am on it – that is authorization. Authorization is checking whether a particular user has particular rights – in this case, whether I am allowed to enter the club. I enter the club and thus this LinkedIn article is nearing its end.

These mechanisms exist within the operating system and are important for security. Think of the operating system as the club bouncer and of me as someone trying to meddle with the processes running on my computer. We have talked about the user IDs associated with processes. So, for example, if I am a user with ID 4 trying to modify a process started by the user with ID 5, I am not authorized to do so and the operating system will not allow it. I don’t think it’s important for you to know the details of exactly how this is done, just that it is done so that there is some measure of security within the system. This may not matter much if you are the only user on your computer, but imagine there are multiple users – then it starts to matter.
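For readers who do want to see the check, here is an added example (not part of the original article) that applies a simplified version of the rule documented in kill(2) to the UID 4 versus UID 5 case above. The `/proc/<pid>/status` text is a constructed sample, and the names `parse_uids`, `may_signal` and `probe` are made up for this illustration.

```python
import os

# Constructed sample of /proc/<pid>/status for a process started by UID 5.
# The "Uid:" line holds the real, effective, saved-set and filesystem UIDs.
SAMPLE_STATUS = """Name:\tsleep
State:\tS (sleeping)
Pid:\t4242
Uid:\t5\t5\t5\t5
Gid:\t5\t5\t5\t5
"""

def parse_uids(status_text):
    """Return (real, effective, saved, fs) UIDs from /proc/<pid>/status text."""
    for line in status_text.splitlines():
        if line.startswith("Uid:"):
            fields = line.split()[1:]
            if len(fields) != 4:
                raise ValueError("malformed Uid line: %r" % line)
            return tuple(int(f) for f in fields)
    raise ValueError("no Uid line found")

def may_signal(sender_ruid, sender_euid, target_status, privileged=False):
    """Simplified kill(2) rule: allowed if the sender is privileged (CAP_KILL),
    or its real or effective UID equals the target's real or saved-set UID."""
    t_real, _t_eff, t_saved, _t_fs = parse_uids(target_status)
    if privileged:
        return True
    return bool({sender_ruid, sender_euid} & {t_real, t_saved})

def probe(pid):
    """Ask the running kernel: signal 0 performs only the permission check."""
    try:
        os.kill(pid, 0)
        return "allowed"
    except PermissionError:
        return "denied (EPERM)"
    except ProcessLookupError:
        return "no such process"

if __name__ == "__main__":
    print("UID 4 -> process of UID 5:", may_signal(4, 4, SAMPLE_STATUS))
    print("UID 5 -> process of UID 5:", may_signal(5, 5, SAMPLE_STATUS))
    print("root  -> process of UID 5:", may_signal(0, 0, SAMPLE_STATUS, privileged=True))
    print("this user -> PID 1 (live check):", probe(1))
```

Run as an ordinary user, the live check against PID 1 normally reports a denial, because that process belongs to root.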

Hope you learned something useful!
