Identity management in the context of Sun Microsystems

Authorization or authorisation (see spelling differences), in information security, computer security and IAM (Identity and Access Management), is the function of specifying rights/privileges for accessing resources, in most cases through an access policy, and then deciding whether a particular subject has privilege to access a particular resource. Examples of subjects include human users, computer software and other hardware on the computer. Examples of resources include individual files or an item's data, computer programs, computer devices and functionality provided by computer applications. For example, user accounts for human resources staff are typically configured with authorization for accessing employee records.

Authorization is closely related to access control, which is what enforces the authorization policy by deciding whether access requests to resources from (authenticated) consumers shall be approved (granted) or disapproved (rejected).

The term digital card can refer to a physical item, such as a memory card on a camera, or, increasingly since 2017, to the digital content hosted as a virtual card or cloud card, as a digital virtual representation of a physical card. They share a common purpose: identity management, credit card, debit card or driver's license. A non-physical digital card, unlike a magnetic stripe card, can emulate (imitate) any kind of card.

A smartphone or smartwatch can store content from the card issuer; discount offers and news updates can be transmitted wirelessly, via Internet. These virtual cards are used in very high volumes by the mass transit sector, replacing paper-based tickets and the earlier magnetic strip cards.