Cryptography and Encryption

Authentication vs. authorization

Authentication and authorization might sound similar, but they are distinct security processes in the world of identity and access management (IAM). Authentication confirms that users are who they say they are. Authorization gives those users permission to access a resource.

• Authentication: Did user login successfully?
• Authorization: Is user allowed to view this page? For example, has the user got “admin” rights to view the admin dashboard?

Taken from here.

Zero-knowledge proofs

Decentralized Authentication

• NuID created a tool for decentralized authentication which can be used in AWS.
• This articles describes the idea.