Identification is the ability to identify uniquely a user of a system or an application that is running in the system. Authentication is the ability to prove that a user or application is genuinely who that person or what that application claims to be.
- Who are you?
- Can you prove you are who you say you are?
Authorization protects critical resources in a system by limiting access only to authorized users and their applications. It prevents the unauthorized use of a resource or the use of a resource in an unauthorized manner.
- What are you allowed to do?
- What are you not allowed to do?
The confidentiality mechanisms protect sensitive information from unauthorized disclosure.
- How do you keep anyone from seeing your message?
The data integrity and nonrepudiation mechanisms detect whether unauthorized modification of data occurred.
- How do you know if anyone has intercepted the message and tampered with it?
- How do you verify the sender and authenticate they are who they say they are?