(2) Authorization is the process of granting or denying access rights and permissions to a protected resource, such as a network, a system, an application, a function, or a file. A key component of granting or denying access rights is the concept of “least privilege,” which means that users are granted only those access rights and permissions that they need to perform their official duties (Information Security by Nancy R. Kingsbur).