Learning Objectives

  • What is the difference between authentication and authorization?
    • Authentication = who is asking?
    • Authorization = what do you want to do?
  • What are some different ways to manage permissions? What are the advantages and drawbacks of each?
    • In order of complexity: ACL (a permission list per resource; simplest, but grows with every resource and user and has no way to group users), RBAC (permissions attached to roles and roles to users; easier to administer, but coarse and prone to role explosion), ABAC (rules over subject, resource and environment attributes; most expressive, but hardest to audit)
  • What are some advantages of token-based auth? Why are most organizations adopting it? Are there any drawbacks?
    • Credentials are checked once by an issuer and the resulting token is presented to every service, so each integration is one “handshake”; it doesn’t solve everything, though (e.g. data access is still an authorization decision each service must make, and tokens need expiry, audience scoping and revocation)
  • For each of the following, is it a username + password method or a token method? PAM, LDAP, Kerberos, SAML, OIDC/OAuth

    • PAM = username + password (local modules, typically checking a password)
    • LDAP = username + password (simple bind with a DN and password)
    • Kerberos = token (tickets issued by the KDC after one credential exchange)
    • SAML = token (signed assertion from the identity provider)
    • OIDC/OAuth = token (ID token / access token from the authorization server)
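The three permission models from the objectives above, as an added worked example (not part of the original notes): each model answers the same question, “may this principal perform this action on this resource?”, and each denies by default. The users, resources, roles and policies are constructed for illustration only.

```python
"""ACL, RBAC and ABAC side by side, each deny-by-default.

Added example; all users, resources, roles and policies below are
constructed for illustration and are not taken from any real system.
"""

# ---- ACL: one permission list per resource ----------------------------
# Easy to read for a single resource, but every new resource or user
# change means editing entries, and nothing groups users together.
ACL = {
    "reports/q3.pdf": {"alice": {"read", "write"}, "bob": {"read"}},
    "reports/q4.pdf": {"alice": {"read", "write"}},
}


def acl_allows(acl, principal, resource, action):
    """Permit only if the resource's ACL explicitly grants the action."""
    return action in acl.get(resource, {}).get(principal, set())


# ---- RBAC: users -> roles -> permissions on resource *types* -----------
# Far fewer entries to manage, but decisions are coarse: a role grants
# the same access to every resource of a type, and carving out exceptions
# leads to role explosion.
ROLE_PERMISSIONS = {
    "report-reader": {("report", "read")},
    "report-editor": {("report", "read"), ("report", "write")},
}
USER_ROLES = {"alice": {"report-editor"}, "bob": {"report-reader"}, "carol": set()}
RESOURCE_TYPES = {"reports/q3.pdf": "report", "reports/q4.pdf": "report"}


def rbac_allows(user_roles, role_permissions, resource_types, principal, resource, action):
    """Permit if any of the principal's roles grants the action on the resource type."""
    needed = (resource_types.get(resource), action)
    return any(needed in role_permissions.get(role, set())
               for role in user_roles.get(principal, set()))


# ---- ABAC: policies are predicates over attributes ---------------------
# Most expressive (ownership, department, clearance, time of day), but the
# answer is only known by evaluating the policies, which makes auditing
# "who can access X" harder than reading an ACL or a role table.
SUBJECTS = {
    "alice": {"id": "alice", "dept": "finance", "clearance": 2},
    "bob": {"id": "bob", "dept": "finance", "clearance": 1},
    "carol": {"id": "carol", "dept": "sales", "clearance": 2},
}
RESOURCES = {
    "reports/q3.pdf": {"owner": "alice", "dept": "finance", "classification": 1},
    "reports/q4.pdf": {"owner": "alice", "dept": "finance", "classification": 2},
}


def owner_policy(subject, resource, action, env):
    """Owners may do anything to their own resource."""
    return subject["id"] == resource["owner"]


def department_read_policy(subject, resource, action, env):
    """Same department may read, given sufficient clearance, during office hours."""
    return (action == "read"
            and subject["dept"] == resource["dept"]
            and subject["clearance"] >= resource["classification"]
            and 9 <= env["hour"] < 18)


ABAC_POLICIES = [owner_policy, department_read_policy]


def abac_allows(policies, subject, resource, action, env):
    """Permit-overrides: allow if any policy matches, otherwise deny."""
    return any(policy(subject, resource, action, env) for policy in policies)


def decide_all(principal, resource, action, hour=10):
    """Ask all three models the same question; env carries the request context."""
    return {
        "acl": acl_allows(ACL, principal, resource, action),
        "rbac": rbac_allows(USER_ROLES, ROLE_PERMISSIONS, RESOURCE_TYPES,
                            principal, resource, action),
        "abac": abac_allows(ABAC_POLICIES, SUBJECTS[principal], RESOURCES[resource],
                            action, {"hour": hour}),
    }


if __name__ == "__main__":
    requests = [
        ("alice", "reports/q3.pdf", "write", 10),  # owner/editor: all three permit
        ("bob", "reports/q3.pdf", "read", 10),     # all three permit
        ("bob", "reports/q3.pdf", "read", 22),     # only ABAC notices the time of day
        ("bob", "reports/q4.pdf", "read", 10),     # RBAC is coarse: the role covers every report
        ("carol", "reports/q3.pdf", "read", 10),   # no entry, no role, wrong department
    ]
    for who, what, act, hour in requests:
        print(f"{who:6} {act:5} {what:15} at {hour:02d}:00 -> {decide_all(who, what, act, hour)}")
```

The interesting rows are the ones where the models disagree: RBAC lets bob read q4.pdf because his role covers every report, while the ACL has no entry for him and ABAC rejects him on clearance; and only ABAC can express “not outside office hours”, because it is the only model that sees the request environment.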
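The token-based “one handshake” and the management work it leaves behind, as a second added example (not from the original notes): the issuer authenticates once and signs a bearer token; every service then verifies the signature, audience, expiry and revocation status without ever seeing a password. The format is a hand-rolled, JWT-like toy (HMAC-SHA256 over a base64url JSON payload), and the key, clock values and service names are assumptions made for this example, not any standard.

```python
"""A minimal signed bearer token: issued once, verified by many services.

Added example with a hand-rolled, JWT-like format (HMAC-SHA256 over a
base64url JSON payload). It is a teaching toy, not a standard, and the
key, clock values and service names are constructed for illustration.
"""
import base64
import hashlib
import hmac
import json
import secrets

# Shared secret between the issuer and the services (constructed demo key;
# a real deployment would use asymmetric keys or a per-service secret).
DEMO_KEY = b"constructed-demo-key-do-not-reuse"


def _b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64u_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(key: bytes, subject: str, audience: str, now: int, ttl: int = 300) -> str:
    """The one handshake: after the issuer has authenticated `subject`
    (by password, Kerberos, SAML, ...), it signs who they are, for which
    service, and until when. `jti` is a unique id so the token can be revoked."""
    claims = {"sub": subject, "aud": audience, "iat": now, "exp": now + ttl,
              "jti": secrets.token_hex(8)}
    body = _b64u(json.dumps(claims, separators=(",", ":"), sort_keys=True).encode())
    sig = _b64u(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"


def verify_token(key: bytes, token: str, audience: str, now: int, revoked=frozenset()):
    """Return (claims, None) on success or (None, reason) on failure.

    The signature is checked before the payload is parsed, so untrusted
    bytes are never interpreted; audience, expiry and revocation are the
    'token management' the handshake alone does not solve."""
    parts = token.split(".")
    if len(parts) != 2:
        return None, "malformed"
    body, sig = parts
    expected = _b64u(hmac.new(key, body.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(expected, sig):   # constant-time comparison
        return None, "bad signature"
    try:
        claims = json.loads(_b64u_decode(body))
    except (ValueError, UnicodeDecodeError):
        return None, "malformed"
    if claims.get("aud") != audience:
        return None, "wrong audience"
    if now >= claims.get("exp", 0):
        return None, "expired"
    if claims.get("jti") in revoked:
        return None, "revoked"
    return claims, None


if __name__ == "__main__":
    now = 1_700_000_000  # constructed clock value
    token = issue_token(DEMO_KEY, "alice", "reports-api", now)
    # Repeated calls reuse the same token: no password is sent again, and
    # the service never sees one at all.
    for t in (now + 10, now + 200):
        print(f"reports-api at +{t - now}s:", verify_token(DEMO_KEY, token, "reports-api", t))
    print("billing-api:", verify_token(DEMO_KEY, token, "billing-api", now + 10))
    print("after expiry:", verify_token(DEMO_KEY, token, "reports-api", now + 400))
    claims, _ = verify_token(DEMO_KEY, token, "reports-api", now + 10)
    revoked = {claims["jti"]}  # revocation needs state the token itself cannot carry
    print("after revocation:", verify_token(DEMO_KEY, token, "reports-api", now + 10, revoked))
```

A verified token only settles authentication (who is asking, and for which audience); whether alice may read a particular report is still the service’s authorization decision. Note also that revocation requires every service to consult shared state, which is exactly the kind of token management the handshake does not remove.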