SShortSingh.
TopTechnologyAI & MLStartupsProgrammingScienceBusinessFinanceCrypto & Web3World
Back to feed
Programming

Authentication vs Authorization: Key Cloud Security Concepts Explained

0
·1 views

Authentication and authorization are two distinct security processes that underpin access control in modern applications like Gmail, Netflix, and online banking. Authentication verifies a user's identity through credentials such as passwords, OTPs, or biometrics, while authorization determines what actions or resources that verified user is permitted to access. Common authentication methods include Multi-Factor Authentication (MFA) and OAuth, whereas authorization frameworks include Role-Based Access Control (RBAC) and cloud IAM policies. Security experts recommend applying the principle of least privilege, ensuring users receive only the permissions genuinely required for their role. Mistakes such as skipping MFA, reusing passwords, or granting blanket admin rights remain widespread vulnerabilities that significantly raise security risks.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

What Is 'The Cloud'? A Plain-Language Breakdown of How It Works

The cloud refers to computing infrastructure — including processing power, storage, and networking — hosted on remote servers and rented over the internet. Before cloud computing, companies had to buy and maintain expensive physical servers on their own premises, which was costly and difficult to scale. Cloud providers replaced that model with a pay-as-you-go approach, letting businesses access exactly the resources they need without owning hardware. The three major cloud providers dominating the market are Amazon Web Services, Microsoft Azure, and Google Cloud, with AWS being the largest since its 2006 launch. Everyday services like Google Drive and Netflix are all built on combinations of these cloud infrastructure components.

0 comments Read more at DEV Community
0
ProgrammingDEV Community ·

Developer Finds $13 in Forgotten AWS Charges After First Detailed Bill Audit

A developer studying for AWS certifications conducted a line-by-line audit of their AWS account and discovered $13.16 in charges spread across four services, including an EC2 instance they had forgotten to shut down after a study group project. The EC2 server in US East Ohio accounted for $8.25, while an attached public IPv4 address — which AWS began charging for in 2024 — added another $3.67 in unexpected fees. Route 53 DNS hosting for two domains cost $1.01, and a low-traffic static site on AWS Amplify added just $0.23. After confirming the idle EC2 instance was not serving any live site, the developer terminated it, reducing their projected monthly bill to approximately $1.64. The experience highlighted the importance of regularly reviewing cloud bills, understanding the difference between services, and choosing cost-appropriate tools like Amplify over EC2 for static websites.

0 comments Read more at DEV Community
0
ProgrammingHacker News ·

Supabase Hiring for Multigres Role

Supabase, a Y Combinator S20 alumni company, has posted a new job opening for a position related to Multigres. The listing was shared on Hacker News, directing applicants to the company's hiring page on Ashby. Multigres appears to be an internal or emerging project at Supabase, though specific details about the role were not included in the post. The listing received no points or comments on Hacker News at the time of publication.

0 comments Read more at Hacker News
0
ProgrammingDEV Community ·

Free Browser-Based Urdu Writing Platform Launches as Alternative to InPage

A developer has launched iloveurdu.com, a free browser-based platform designed for Urdu writers, students, designers, and content creators. The tool requires no account or installation and works across mobile, desktop, and Chromebook devices. It offers two editor modes — a Simple Mode for document writing and a Designer Mode for graphic layouts — both supporting proper Nastaliq font rendering. The platform addresses longstanding gaps in Urdu digital tools, where the dominant software InPage has remained largely unchanged for 30 years and is unavailable on many modern devices. Exports are provided without watermarks for all users, with cloud saving and AI features available to logged-in users.

0 comments Read more at DEV Community
Authentication vs Authorization: Key Cloud Security Concepts Explained · ShortSingh