LOGBOOK

HELP

Quiz Entry - updated: 2026.05.28

What is the difference between authentication (Authentisierung/Authentifizierung) and authorisation (Autorisierung)?

Authentication proves who you are; authorisation decides what you're allowed to do.

They happen in order:

  1. Authentication — verify a claimed identity (password, certificate, biometrics). German: Authentisierung (the user proving it) / Authentifizierung (the system checking it).
  2. Authorisation (Autorisierung) — after successful authentication, grant permission to access specific resources (data, files, services, networks), e.g. via Active Directory groups.

Together with accountability (Zugriffskontrolle), they make up access control — whose purpose is to uphold confidentiality, integrity, and availability.

Tip: A useful one-liner — "Authentication = who are you? Authorisation = what may you do?" You must authenticate before you can be authorised, but being authenticated doesn't mean you're authorised for everything.

From Quiz: ISF / Foundations, Key Terms & Ransomware | Updated: May 28, 2026