- Authentication — a process where a user provides their username and password, or uses some other means for identifying themselves, such as OpenID.
- Authorization — defining the type of operations which the current user can or cannot do.
- white-list — an authorization strategy under which all actions/pages are restricted, unless specifically allowed. White-list is considered more secure than black-list.
- black-list - an autorization strategy under which a check for restricted actions/pages is performed in order to disallow user access.