Access to assets and associated facilities is limited to authorized users, processes, or devices, and to authorized activities and transactions.
Identification describes a method of ensuring that a subject is the entity it claims to be. E.g.: A user name or an account no.
Authentication is the method of proving the subjects identity. E.g.: Password, Passphrase, PIN
Authorization is the method of controlling the access of objects by the subject. E.g.: A user cannot delete a particular file after logging into the system