鑒别與授權;驗證和授權
Authentication and Authorization security.
認證和授權安全。
At a high level, we apply authentication and authorization rigorously.
在高級别上,我們嚴格應用身份驗證和授權。
You can also set authentication and authorization configuration for XML management.
您還可以為 XML 管理設置身份驗證和授權配置。
Most applications need to address the issues of user authentication and authorization.
大多數應用程式需要解決用戶的驗證和授權問題。
For brevity, this example also omits users and sessions, formatting, and any kind of authentication and authorization.
為了盡量簡潔,該例子還省略了用戶和會話、格式以及各種身份驗證和授權。
Within the deployment descriptor, you can configure specific realms for authentication and authorization.
在部署描述中,可以為身份驗證和授權配置特定的領域。
All the clients/servers trust the security server for authentication and authorization of the messages running over the wires in the network.
所有客戶端/服務器都依賴安全服務器對在網絡上傳輸的消息進行身份驗證和授權。
This gets you firmly into authentication and authorization, as well as very highly customized content.
這為您帶來穩定的身份驗證和授權,以及高度定制的内容。
Do the services support both authentication and authorization?
服務同時支持身份驗證和授權碼?
Where appropriate authentication and authorization are not available, then you must resort, frankly, to clever design and procedures to prevent potential problems.
如果無法采用適當的身份驗證和授權,那麼隻能采取巧妙的設計和過程來防止潛在的問題。
This is the action where all the authentication and authorization steps for any particular request are performed.
這是在其中對任何特定請求執行所有身份驗證和授權步驟的操作。
This section gives a short overview of authentication and authorization concepts of CM V8, as they will be needed to understand the replication process.
本節簡要地概述一下CMV8 中驗證和授權的概念,因為這些概念是理解複制過程所需要的。
AAA info file can be used not only for identity mapping, but also for authentication and authorization.
AAA信息文件不僅可用于身份映射,還可以用于身份驗證和授權。
These mediations may include any or all of validation, logging, audit, authentication and authorization.
這些中介可以包含任何或全部驗證、日志記錄、審核、身份驗證和授權。
This approach embo***s both authentication and authorization.
這種方法包含了身份驗證和授權。
Authentication and authorization are combined together in RADIUS.
在RADIUS 中,驗證和授權是組合在一起的。
Authentication and authorization introduce how to design the organizational structure and access control (privileges) data storage/access patterns.
身份驗證和授權說明如何設計組織結構和訪問控制(特權)數據存儲/訪問模式。
However, this will not address the need for service-level authentication and authorization.
然而,這不能滿足服務層的驗證和授權的需求。
In any distributed environment, in order to maintain universal access, consistent authentication and authorization services are a necessity.
在任何分布式環境中,為了提供普遍的訪問,都需要一緻的身份驗證和授權服務。
Where appropriate authentication and authorization are not available, we resort to clever design and procedures to prevent potential problems.
如果沒有合適的身份驗證和授權,那麼隻能采取巧妙的設計和過程來防止潛在的問題。
As illustrated in Figure 1, there are four main components in the architecture we proposed to implement the authentication and authorization mechanism in the multi-tenant application.
這個體系結構用于在多租戶應用程式中實現身份驗證和授權機制,如圖1所示,它有四個主要組件。
It provides the consistent authentication and authorization services necessary for universal access.
它為通用訪問提供了所需的一緻的身份驗證和授權服務。
The tiny little authentication and authorization system for this tiny little blog application is now in place.
這個 “微型”博客應用程式的 “微型”身份驗證和授權系統現在已經初具雛形。
At a high level, you apply authentication and authorization rigorously.
在高層上,嚴格應用身份驗證和授權。
Security might also be an issue: putting data into S3 means you have to use S3's access control system, which might not fit your authentication and authorization requirements.
安全性也許會成為一個問題:将數據放入S3 中意味着您必須使用S3的訪問控制系統,而這個系統可能不能滿足您的身份驗證和授權需求。
Thus, establishing robust identity management processes to achieve authentication and authorization is one of the key aspects to successfully compile a secure software solution.
因此,必須建立健壯的身份管理過程來實現身份驗證和授權,這是成功實現安全的軟件解決方案的關鍵因素之一。
Authentication and authorization concepts have to be carefully designed.
驗證和授權這兩個概念必須謹慎地加以設計。
There are plug-ins to integrate with a directory, to provide authentication and authorization.
有一些用于與目錄相集成的插件,提供驗證和授權。
You configure EJB authentication and authorization by defining security roles in the deployment descriptor under which each method executes.
EJB 的身份驗證和授權配置方法為:在部署描述符中定義安全角色,每個方法将依據部署描述符執行。
From a business perspective, this request is used to check the user authentication and authorization, which should not be cached.
從業務角度看,這個請求用于檢查用戶驗證和授權,不應該被緩存。
Authentication(身份認證)指驗證用戶或系統身份真實性的過程,确保其聲明的身份合法有效。例如,用戶通過輸入密碼、指紋識别或一次性驗證碼(OTT)等方式證明自己是賬戶的合法所有者。這一過程是訪問控制的基礎,防止未經驗證的實體進入系統。常見技術包括多因素認證(MFA)和生物特征識别。
Authorization(授權)指在身份認證成功後,根據用戶身份或角色分配其可訪問的資源或操作權限。例如,企業系統中管理員可修改數據,而普通員工僅能查看。授權通常通過訪問控制列表(ACL)或基于角色的訪問控制(RBAC)實現,例如雲服務中按角色限制API調用權限。
兩者關系上,身份認證是确認“你是誰”,授權是确定“你能做什麼”。國際标準如OAuth 2.0協議将兩者結合,通過令牌(Token)機制實現安全的權限管理。在金融或醫療系統中,雙因素認證與細粒度權限控制常被聯合應用以符合合規要求。
參考資料
“Authentication”(認證)和“Authorization”(授權)是計算機安全中的兩個核心概念,雖然常被混淆,但功能截然不同:
簡記:認證是“驗明正身”,授權是“劃定權限”。兩者共同構建系統安全防線。
nationalbecamego bowlingliablebarstarborrowedCadillacdeadpannedhoneysHuevosnecklacesSubmergingtabletopas you werebid oncalculating dataMicrosoft Wordscotch tapeShadow Chancellorstay at hometurn of the centuryvelvet gloveActinophryidaexcitatoryexcyclophoriagentianolhyperaciditeLeptochaetemammillaryvanes