Steps that ensure that the individual is who he or she claims to be

What's the difference between authentication and authorization? Authentication confirms that users are who they say they are. Authorization gives those users permission to access a resource.

Índice Show

What Is Authentication?
What Is Authorization?
Authentication vs. Authorization
Granting Permissions with Okta
The Looking-Glass Self
Core Assumptions
A Modern Career in Psychology

While authentication and authorization might sound similar, they are distinct security processes in the world of identity and access management (IAM).

What Is Authentication?

Authentication is the act of validating that users are whom they claim to be. This is the first step in any security process.

Complete an authentication process with:

Passwords. Usernames and passwords are the most common authentication factors. If a user enters the correct data, the system assumes the identity is valid and grants access.
One-time pins. Grant access for only one session or transaction.
Authentication apps. Generate security codes via an outside party that grants access.
Biometrics. A user presents a fingerprint or eye scan to gain access to the system.

In some instances, systems require the successful verification of more than one factor before granting access. This multi-factor authentication (MFA) requirement is often deployed to increase security beyond what passwords alone can provide.

What Is Authorization?

Authorization in system security is the process of giving the user permission to access a specific resource or function. This term is often used interchangeably with access control or client privilege.

Giving someone permission to download a particular file on a server or providing individual users with administrative access to an application are good examples of authorization.

In secure environments, authorization must always follow authentication. Users should first prove that their identities are genuine before an organization’s administrators grant them access to the requested resources.

Authentication vs. Authorization

Despite the similar-sounding terms, authentication and authorization are separate steps in the login process. Understanding the difference between the two is key to successfully implementing an IAM solution.

Let's use an analogy to outline the differences.

Consider a person walking up to a locked door to provide care to a pet while the family is away on vacation. That person needs:

Authentication, in the form of a key. The lock on the door only grants access to someone with the correct key in much the same way that a system only grants access to users who have the correct credentials.
Authorization, in the form of permissions. Once inside, the person has the authorization to access the kitchen and open the cupboard that holds the pet food. The person may not have permission to go into the bedroom for a quick nap.

Authentication and authorization work together in this example. A pet sitter has the right to enter the house (authentication), and once there, they have access to certain areas (authorization).

	Authentication	Authorization
What does it do?	Verifies credentials	Grants or denies permissions
How does it work?	Through passwords, biometrics, one-time pins, or apps	Through settings maintained by security teams
Is it visible to the user?	Yes	No
It is changeable by the user?	Partially	No
How does data move?	Through ID tokens	Through access tokens

Systems implement these concepts in the same way, so it’s crucial that IAM administrators understand how to utilize both:

Authentication. Let every staff member access your workplace systems if they provide the right credentials in response to your chosen authentication requirements.
Authorization. Grant permission to department-specific files, and reserve access to confidential data, such as financial information, as needed. Ensure that employees have access to the files they need to do their jobs.

Understand the difference between authentication and authorization, and implement IAM solutions that have strong support for both. You will protect your organization against data breaches and enable your workforce to be more productive.

Granting Permissions with Okta

Okta Lifecycle Management gives you an at-a-glance view of user permissions, meaning you can easily grant and revoke access to your systems and tools as needed. Meanwhile, Okta Adaptive MFA lets you safeguard your infrastructure behind your choice of authentication factors.

For example, make production orders accessible only to certain users who may then have to authenticate using both their company credentials and voice recognition.

The opportunities to streamline IAM in your organization are endless. Find out how Okta can keep you, your employees, and your enterprise safe.

When it comes to understanding ourselves, social interaction plays a more important role than many of us realize. According to sociologist Charles Horton Cooley, individuals develop their concept of self by observing how they are perceived by others, a concept Cooley coined as the “looking-glass self.” This process, particularly when applied to the digital age, raises questions about the nature of identity, socialization, and the changing landscape of self.

The Looking-Glass Self

The looking-glass self describes the process wherein individuals base their sense of self on how they believe others view them. Using social interaction as a type of “mirror,” people use the judgments they receive from others to measure their own worth, values, and behavior. According to Self, Symbols, & Society, Cooley’s theory is notable because it suggests that self-concept is built not in solitude, but rather within social settings. In this way, society and individuals are not separate, but rather two complementary aspects of the same phenomenon.

Core Assumptions

According to Society in Focus, the process of discovering the looking-glass self occurs in three steps:

An individual in a social situation imagines how they appear to others.
That individual imagines others’ judgment of that appearance.
The individual develops feelings about and responds to those perceived judgments.

In practice, the process might look like this:

Someone meets a group of new work colleagues for the first time. This individual believes she can easily demonstrate professionalism and competence to others. During this interaction with her new co-workers, the individual pays attention to her colleagues’ body language, word choices, and reactions to the conversation. If these coworkers provide positive feedback, such as maintaining eye contact or offering a firm handshake, the individual’s belief in her own professionalism will be upheld. However, if the colleagues provide negative feedback, such as looking away or leaving the conversation quickly, the individual might question how professional they truly are.

The process of the looking-glass self is further complicated by the context of each interaction and the nature of the people involved. Not all feedback carries the same weight, for instance. People may take the responses from those whom they trust more seriously than those of strangers. Signals may be misinterpreted. People also usually take their own value systems into consideration when thinking through any changes to their behavior or views of self.

Ultimately, the process of the looking-glass self is one of alignment. People constantly seek to create consistency between their internal and external worlds and, therefore, continue to perceive, adjust, and strive for equilibrium throughout their lives.

The rise of social media makes the process of the looking-glass self infinitely more complex. Platforms like Facebook, Twitter, and the like make it possible to connect with others in ways never before imagined. However, this exposure has led to an ever-increasing number of “mirrors,” thus proposing new questions about the development of self.

Social media has brought with it the concept of the “cyber” self, Mary Aiken explains. The cyber self is the version of him or herself a person chooses to present on a digital platform. As in real life, the cyber self may interact with other individuals, receive social feedback, and align to social conformities. However, the differences between the cyber self and actual self are profound.

A person may possess many versions of the cyber self, for example. He or she may present a professional self on LinkedIn, a casual self on Twitter, or an artistic self on Pinterest. The cyber self also continues to exist in social spaces even when people are not interacting with those environments in real time. In this way, social media users are never fully removed from exposure to judgment and criticism. And unlike the actual self, the cyber self is far more malleable when it comes to being shaped, updated, and perfected.

These unique qualities of the cyber self raise a host of psychological issues and concerns, Aiken explains. Individuals may experience a greater sense of urgency to return to or remain in digital spaces. They may be increasingly involved in the curation of their online identities, possibly at the cost of developing their real-world selves. The host of digital platforms involved also brings into question whether one’s identity may become splintered, or whether developmental problems will result. All these consequences are more severe when digital users are young or in their teens.

However, changes to the social self via digital platforms are not always steeped in such negative implications. A study published in the Journal of Social Media and Society, for example, describes a host of positive outcomes that arise from the digital looking-glass self. When YouTube video producers were interviewed about their content-creation practices and its influence on their sense of self, they offered a range of positive responses. Results included:

A sense of gained confidence
Enhanced creativity
Overcoming of major social hurdles
Increased sense of self-worth
A strengthened professional image
Feelings of altruism and “helping others” through their content
Interacting in a positive social space

Whether digital platforms are ultimately a help or a hindrance to self-identity remains to be seen. The human mind is still very much a frontier of modern science. For individuals who wish to ask the psychological questions essential for modern times, however, the right career begins with the right degree.

Additional sources: Human Nature and the Social Order

A Modern Career in Psychology

At Lesley University, the online Bachelor of Science in Psychology degree program prepares students to succeed in this ever-evolving field. Lesley’s well-rounded curriculum trains students in a variety of subject areas, including cognition, abnormal behavior, development, and more. Required laboratory and internship work means students gain valuable hands-on experience that provides a competitive edge after graduation. Because Lesley’s program is offered fully online, students have ultimate flexibility when earning their degrees.

Read more about our faculty, students and alumni.