ABSTRACT
Now we assume that an external user has satisfied the requirements for authentication and has entered a system. Although for many of us, we may have a personal computer with access only for one person, more and more the norm in a cyberenvironment is that there may be multiple parties present in the same environment with distinct sets of resources (files or applications).
Thus, the problem of authorization must be addressed. Suppose a user requests access to a specific file. What is the mechanism to ensure that that particular user has the authorization to either read, write, or delete that file, no matter where in this environment this resource resides. Over time, there have been many approaches to this problem.
