Generally speaking: Authentication is a process of identifying that you are what you claim.
Authorization is a process used to check whether a user is authorized to access a specific resource.
The most trusted authentication method is using digital certificates, in which a certificate authority (CA) will sign a certificate for the parties that need to be authenticated using the CA's private key, and publish its public key. This will allow the parties to verify that a trusted CA issued a certificate.
AAA is the most common authorization protocol used. In fact, it’s the Authentication, Authorization and Accounting protocol.
Authentication is: Who You Are
Authorization is: What You Can Do in my network after authentication
Accounting or Auditing is: What You Have Done
RADIUS is an industry standard protocol used to accomplish these 3 phases. In RADIUS, Authentication and Authorization are both done in one step. Also, Cisco TACACS+ can be used to deliver triple A services to the network. The difference is RADIUS uses UDP, which is unreliable, and TACACS+ uses TCP, which is reliable. In addition, TACACS+ is better since it separates each of the triple A phases into its own step.
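The "one step" point about RADIUS above, shown as an added example that is not part of the original answer: a single Access-Accept reply carries both the authentication result and the authorization attributes, and the client checks the reply's Response Authenticator as defined in RFC 2865. The shared secret, request authenticator and packet contents are constructed sample values.

```python
import hashlib
import hmac
import struct

# Packet codes and attribute types from RFC 2865 (subset).
CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject"}
ATTRS = {1: "User-Name", 6: "Service-Type", 18: "Reply-Message"}

def build_reply(code, ident, request_auth, attrs, secret):
    """Build a RADIUS reply; attrs is a list of (type, value bytes)."""
    body = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)
    header = struct.pack("!BBH", code, ident, 20 + len(body))
    # Response Authenticator = MD5(Code+ID+Length+RequestAuth+Attributes+Secret)
    resp_auth = hashlib.md5(header + request_auth + body + secret).digest()
    return header + resp_auth + body

def parse_reply(packet, request_auth, secret):
    """Return (code name, attribute dict, authenticator_ok) for a reply."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if length < 20 or length > len(packet):
        raise ValueError("bad Length field")
    resp_auth, body = packet[4:20], packet[20:length]
    expected = hashlib.md5(packet[:4] + request_auth + body + secret).digest()
    attrs, i = {}, 0
    while i < len(body):
        if i + 2 > len(body) or body[i + 1] < 2 or i + body[i + 1] > len(body):
            raise ValueError("malformed attribute")
        t, alen = body[i], body[i + 1]
        attrs[ATTRS.get(t, f"type-{t}")] = body[i + 2:i + alen]
        i += alen
    return CODES.get(code, f"code-{code}"), attrs, hmac.compare_digest(resp_auth, expected)

# Constructed sample values (not from a real deployment).
SECRET = b"constructed-shared-secret"
REQUEST_AUTH = bytes(range(16))  # authenticator the client sent in its Access-Request
# One Access-Accept: the "yes" to authentication plus authorization data
# (Service-Type 6 = Administrative) in the same packet.
SAMPLE = build_reply(2, 7, REQUEST_AUTH,
                     [(6, struct.pack("!I", 6)), (18, b"welcome")], SECRET)

if __name__ == "__main__":
    print(parse_reply(SAMPLE, REQUEST_AUTH, SECRET))
```

A reply whose Service-Type was altered in transit, or that was built with a different shared secret, parses but comes back with the authenticator flag set to False, so the client should discard it.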
Great answer by Fawaz, just to add to it.
In layman's terms, Authentication defines who has access to a device, authorization defines what all privileges he has (like you can define privileges in Cisco while configuring the username command).
Hope this helps!!!