Authorization is the process of determining whether a user, system, or other entity has access to a specific resource or set of resources after authentication.
It is used to control access to resources such as data, files, network services, and other information. Authorization algorithms compare the identity of the authenticated user to a list of identities or roles allowed (authorized) to access a resource.
Common methods systems use for authorization include role-based access control (RBAC), attribute-based access control (ABAC), and rule-based access control (RBAC).
