What is the process of giving individual access to a system or resource?

Authorization is the process of granting individual access to a system or resource after their identity has been authenticated. This step involves defining what permissions or rights a user or system has once they have successfully logged in. Authorization ensures that users have the appropriate permissions to access specific data, applications, or functionalities based on their role or status within an organization.

For instance, once a user is authenticated—confirming their identity through credentials such as a username and password—the system checks predefined access controls to determine what the user can do. This might include accessing particular files, executing specific commands, or altering settings.

Understanding the difference between authorization and other related concepts can be crucial. Authentication, for example, refers to the verification of a user's identity, while accounting involves tracking user activities for audit trails. Non-repudiation refers to ensuring that an action or event cannot be denied or disputed after it has occurred. In the context of granting access, authorization is the critical step that follows authentication, making it the correct choice in this scenario.