Authorization is an authorization, an explicit permission, which refers to a user. It defines who may use which service
and which system resources in a network. During authorization, rights are assigned to the user. They authorize the user to perform a certain action. In order to achieve effective protection, when assigning rights, the user should only be authorized for the resources that he absolutely needs.
An authorization requires a check of the executing person or communication device.
Only after authorization can the desired action or transaction be performed. For example, a transaction using a credit card is first authorized by the credit card issuer after the card data has been verified.