{ "id": "security-authentication-and-authorization", "name": "Authentication and Authorization", "category": "computer_science", "subcategory": "security", "subcategory_name": "Security & Cryptography", "description": "Research-grade pilot map of authentication and authorization as a zero-trust access decision workflow, including identity proofing, token validation, policy evaluation, step-up controls, auditability, cache invalidation, and threat-informed observability.", "complexity": { "nodes": 10, "edges": 11, "conditionals": 1, "logicGates": { "orGates": 2, "andGates": 1, "notGates": 0, "total": 3 }, "level": "high", "detailLevel": "source_grounded_rebuild", "loops": 1 }, "colorScheme": { "red": { "hex": "#ff6b6b", "category": "Triggers & Inputs" }, "yellow": { "hex": "#ffd43b", "category": "Structures & Objects" }, "green": { "hex": "#51cf66", "category": "Processing & Operations" }, "blue": { "hex": "#74c0fc", "category": "Intermediates & States" }, "violet": { "hex": "#b197fc", "category": "Products & Outputs" } }, "mermaid": "graph TD\n N1[\"Authentication and...\"]\n N2[\"User Request\"]\n N3[\"Credentials/Token\"]\n N4[\"Identity Provider\"]\n N5[\"Policy/Role Store\"]\n N6[\"Authenticate Identity\"]\n N7[\"Authorize Action\"]\n N8[\"Decision\"]\n N9{\"Source-grounded check: OAuth...\"}\n N10[\"Authentication and...\"]\n\n N1 --> N2\n N2 --> N3\n N3 --> N4\n N4 --> N5\n N5 --> N6\n N6 --> N7\n N7 --> N8\n N8 --> N9\n N9 -->|yes| N10\n N8 -->|iterate| N3\n N4 -->|skip/opt| N7\n\n style N1 fill:#ff6b6b,color:#fff\n style N2 fill:#ff6b6b,color:#fff\n style N3 fill:#ff6b6b,color:#fff\n style N4 fill:#ffd43b,color:#000\n style N5 fill:#ffd43b,color:#000\n style N6 fill:#51cf66,color:#fff\n style N7 fill:#51cf66,color:#fff\n style N8 fill:#b197fc,color:#fff\n style N9 fill:#ffd43b,color:#000\n style N10 fill:#b197fc,color:#fff", "sources": [ { "title": "OAuth 2.0 Authorization Framework", "authors": "Hardt, D.", "journal": "RFC 6749", "year": "2012", "pubmed": 
null, "doi": "10.17487/RFC6749", "url": "https://doi.org/10.17487/RFC6749" }, { "title": "OpenID Connect Core 1.0", "authors": "Sakimura, N.; Bradley, J.; Jones, M.; de Medeiros, B.; Mortimore, C.", "journal": "OpenID Foundation", "year": "2014", "pubmed": null, "doi": null, "url": "https://openid.net/specs/openid-connect-core-1_0.html" }, { "title": "Zero Trust Architecture", "authors": "Rose, S.; Borchert, O.; Mitchell, S.; Connelly, S.", "journal": "NIST SP 800-207", "year": "2020", "pubmed": null, "doi": "10.6028/NIST.SP.800-207", "url": "https://doi.org/10.6028/NIST.SP.800-207" } ], "keywords": [ "authentication", "authorization", "OAuth", "OIDC", "RBAC", "ABAC", "zero trust", "policy enforcement" ], "relatedProcesses": [], "created": "2026-01-15", "lastUpdated": "2026-04-30", "verified": false, "notes": "Corrective rebuild: replaces the generic scaffold with a process-specific step structure and records topology for duplicate detection.", "graphMetrics": { "nodes": 10, "edges": 11, "conditionals": 1, "andGates": 1, "orGates": 2, "notGates": 0, "loops": 1 }, "researchEnhancements": { "pilot": true, "model": "research_grade_flowchart", "nodeSemantics": [ "trigger", "context", "decision", "operation", "state", "feedback", "observable", "prediction" ], "reviewFocus": [ "mechanistic correctness", "decision density", "evidence support", "intervention value" ] }, "nodeDetails": [ { "id": "N1", "label": "Authentication and...", "detail": "Authentication and Authorization research question", "type": "process", "role": "Triggers & Inputs" }, { "id": "N2", "label": "User Request", "detail": "User Request", "type": "process", "role": "Triggers & Inputs" }, { "id": "N3", "label": "Credentials/Token", "detail": "Credentials/Token", "type": "process", "role": "Triggers & Inputs" }, { "id": "N4", "label": "Identity Provider", "detail": "Identity Provider", "type": "process", "role": "Structures & Objects" }, { "id": "N5", "label": "Policy/Role Store", "detail": "Policy/Role 
Store", "type": "process", "role": "Structures & Objects" }, { "id": "N6", "label": "Authenticate Identity", "detail": "Authenticate Identity", "type": "process", "role": "Processing & Operations" }, { "id": "N7", "label": "Authorize Action", "detail": "Authorize Action", "type": "process", "role": "Processing & Operations" }, { "id": "N8", "label": "Decision", "detail": "Decision", "type": "process", "role": "Products & Outputs" }, { "id": "N9", "label": "Source-grounded check: OAuth...", "detail": "Source-grounded check: OAuth 2.0 Authorization Framework", "type": "decision", "role": "Structures & Objects" }, { "id": "N10", "label": "Authentication and...", "detail": "Authentication and Authorization prediction/readout", "type": "process", "role": "Products & Outputs" } ], "flowchartStandard": { "name": "source_grounded_rebuild_v1", "applied": "2026-04-30", "curationStatus": "source_grounded_draft", "basis": "cs_exact_template", "topologySignature": "39f6ce98a452439b", "sourceGrounding": "Graph steps are derived from the process title, existing source metadata, and curated process/subfield templates; citations support the process topic, not individual nodes, and should be checked against each node-level claim before the map is marked verified." }, "namedCollections": [] }