The process of granting or denying access to resources based on the authenticated identity of the user or system.