Authorisation

The process of granting permission to Non-Human Identities (NHIs) to access resources or perform actions within a system.

Description

Authorisation in the context of Non-Human Identities (NHIs) refers to the mechanisms and policies that determine what actions or resources these identities can access within a digital environment. NHIs, such as applications, services, or devices, often require specific permissions to interact with other systems or data. This process is crucial for maintaining security, ensuring that NHIs can only perform actions that are necessary for their function while preventing unauthorised access. For instance, an application might need to access a database to retrieve information, but it should only be permitted to access certain tables relevant to its operation. Authorisation mechanisms can include role-based access control (RBAC), attribute-based access control (ABAC), and other security frameworks that define permissions based on the identity's role or attributes. Proper authorisation helps safeguard sensitive data and maintains the integrity of the system by ensuring that NHIs operate within defined boundaries.
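As an added example (not part of the original glossary entry), the table-level restriction described above can be expressed as a deny-by-default check that combines RBAC with one ABAC condition. The role, table and attribute names are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed policy for illustration: role, table and attribute names are hypothetical.
ROLE_PERMISSIONS = {
    "billing-reader": {("invoices", "select"), ("customers", "select")},
    "billing-writer": {("invoices", "select"), ("invoices", "insert")},
}

# ABAC conditions layered on top of RBAC for sensitive tables.
ATTRIBUTE_RULES = {
    "customers": lambda a: a.get("environment") == "prod" and a.get("zone") == "internal",
}


@dataclass
class NonHumanIdentity:
    name: str
    roles: set
    attributes: dict = field(default_factory=dict)


def authorise(identity, table, action):
    """Return (allowed, reason). Anything not explicitly granted is denied."""
    # RBAC step: at least one of the identity's roles must grant (table, action).
    granting = [r for r in sorted(identity.roles)
                if (table, action) in ROLE_PERMISSIONS.get(r, set())]
    if not granting:
        return False, f"no role grants {action} on {table}"
    # ABAC step: a table with an attribute rule also requires the rule to hold.
    rule = ATTRIBUTE_RULES.get(table)
    if rule is not None and not rule(identity.attributes):
        return False, f"attribute rule for {table} not satisfied"
    return True, f"granted by role {granting[0]}"


if __name__ == "__main__":
    svc = NonHumanIdentity("report-service", {"billing-reader"},
                           {"environment": "prod", "zone": "internal"})
    for table, action in [("invoices", "select"), ("invoices", "insert"),
                          ("payroll", "select"), ("customers", "select")]:
        print(svc.name, action, table, authorise(svc, table, action))
```

The returned reason string is suitable for an audit log entry alongside the decision.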

Examples

  • An API key that allows a service to access a specific dataset in a cloud storage solution.
  • A smart thermostat that can adjust home heating settings based on user preferences, requiring authorisation to access the HVAC system.

Additional Information

  • Authorisation often works in conjunction with authentication, which verifies the identity of the NHI.
  • The implementation of authorisation policies is essential for ensuring compliance with data protection regulations.
