Authorization or authorisation, in information security, computer security and IAM, is the function of specifying rights/privileges for accessing resources, in most cases through an access policy, and then deciding whether a particular subject has privilege to access a particular resource. From Wikipedia
