Authentication comes in two major levels: strong and standard. A "personal identifier" (name) and something you know (passWord) are the standard level. If a higher level of security than passWords is needed, people can be required to "have something" as well as "know something". The have-something category includes biometrics (e.g., fingerprints), tokens, smartcards, and a private or public key infrastructure (PKI) key.
Solutions for authentication usually vary in a large organization; senior Accountants, for example, need to access sensitive financial data, but a salesperson should not have access to the same data. Individuals accessing highly sensitive data need strong authentication, while standard authentication works for other employees. Technologies supporting flexible authentication and authorization are readily available.
Authorization also needs to be established for the different parties with whom you do business. To return to the home analogy, just because you have invited someone into your house does not mean that the person has the right to examine your tax returns or read your love letters. Authorization provides the same controls for digital environments. You may be collaborating with company A on a business deal but competing with them on a different contract. Obviously, you would not want all your information to be available to them. In this case, only people authorized according to your business rules should be able to access the relevant information.
In addition, access controls can limit resources down to individual records in a database and work with authentication. Within large databases, groups or individuals can be granted access to different information using tools that offer fine-grained access control. Different levels of authentication may be demanded on the basis of what information is accessed. Senior employees may not need to pass stringent security to see the company's annual report, but they may later be asked to pass higher security to see unreleased financial information. These kinds of flexible authorization are necessary for e-commerce.
Copyright © 2026 eLLeNow.com All Rights Reserved.
