The are two aspects addressed by security:

  1. Authentication — is concerned with verifying a person’s identity prior to being granted access, it may be local or managed by a third party (see OAuth)
  2. Authorization — is concerned with specifying access rights/privileges to resources related to information security and computer security in general and to access control in particular.

Spin the Web