{"id":8851,"date":"2020-09-25T14:59:39","date_gmt":"2020-09-25T11:59:39","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=8851"},"modified":"2020-09-25T14:59:39","modified_gmt":"2020-09-25T11:59:39","slug":"identification-authentication-authorization-difference","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/identification-authentication-authorization-difference\/8851\/","title":{"rendered":"What is the difference between identification, authentication and authorization?"},"content":{"rendered":"<p>These are procedures all of us go through every day. We are constantly identified, authenticated and authorized by various systems. Yet many people mix up the meanings of these words, often using the terms <em>identification<\/em> or <em>authorization<\/em> when they are actually talking about <em>authentication<\/em>.<\/p>\n<p>In everyday conversation this does not matter much, as long as both sides understand what they are talking about. It is always better to know the meaning of the words you use, though, and sooner or later you will run into a computer geek who drives you crazy by wanting to clarify everything with questions such as whether it is authorization or authentication, a little or a lot, this or that.<\/p>\n<p>So what do the terms <em>identification<\/em>, <em>authentication<\/em> and <em>authorization<\/em> mean, and how do the processes differ from one another? 
First, we consult Wikipedia:<\/p>\n<ul>\n<li>\u201c<strong>Identification<\/strong> is the act of indicating the identity of a person or thing.\u201d<\/li>\n<li>\u201c<strong>Authentication<\/strong> is the act of proving [\u2026] the identity of a computer system user\u201d (for example, by comparing the password entered with the password stored in the database).<\/li>\n<li>\u201c<strong>Authorization<\/strong> is the function of specifying access rights\/privileges to resources.\u201d<\/li>\n<\/ul>\n<p>You can see why people who are not very familiar with the concepts might mix them up.<\/p>\n<h2>Using raccoons to explain identification, authentication and authorization<\/h2>\n<p>Now, to simplify things a little further, let\u2019s use an example. Suppose a user wants to log in to their Google account. Google is a good example because its login process is neatly divided into several basic steps. The process goes like this:<\/p>\n<ul>\n<li>First, the system asks for a username. The user enters one, and the system recognizes it as a real login. This is <strong>identification<\/strong>.<\/li>\n<li>Google then asks for a password. The user enters it, and if the password entered matches the stored password, the system agrees that the user does appear to be genuine. 
This is <strong>authentication<\/strong>.<\/li>\n<li>In most cases, Google then also asks for a one-time verification code from a text message or an authenticator app. If the user enters that correctly as well, the system finally accepts that they are the real owner of the account. This is <strong>two-factor authentication<\/strong>.<\/li>\n<li>Finally, the system gives the user the right to read the e-mails in their inbox and other folders. This is <strong>authorization<\/strong>.<\/li>\n<\/ul>\n<p>Authentication without prior identification makes no sense; there is no point in the system starting to check before it knows whose authenticity it is verifying. You have to introduce yourself first.<\/p>\n<p>Likewise, identification without authentication would be silly. Anyone can enter any login that exists in the database, so the system needs the password. But someone could sneak a peek at your password or simply guess it. It is better to ask for proof that only the real user can have, such as a one-time verification code.<\/p>\n<p>By contrast, authorization without identification, let alone authentication, is quite possible. For example, you can grant public access to your documents in Google Drive so that anyone can reach them. In that case, you may see a notice saying that your document is being viewed by an anonymous raccoon. 
Even though the raccoon is anonymous, the system still authorized it; that is, it granted the right to view the document.<\/p>\n<p>If, however, you had granted read-only permission to certain users only, the raccoon would first have to be identified (by entering a username), then authenticated (by providing the password and a one-time verification code), and only after that be given the right to read the document (authorization).<\/p>\n<p>When it comes to reading the contents of your mailbox, Google will never authorize an anonymous raccoon to read your messages. The raccoon would have to introduce itself as you, with your login and password, and at that point it would no longer be an anonymous raccoon; Google would identify the person logging in as you.<\/p>\n<p>Now you know that identification is different from authentication and authorization. One more important point: authentication is perhaps the key process for the security of your account. If you use a weak password for authentication, a raccoon could take over your account. 
Therefore:<\/p>\n<ul>\n<li>Create <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/strong-password-day\/5640\/\" target=\"_blank\" rel=\"noopener\">strong<\/a> and <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/never-reuse-passwords-story\/5502\/\" target=\"_blank\" rel=\"noopener\">unique<\/a> passwords for all of your accounts.<\/li>\n<li>If you have trouble remembering your passwords, rely on <a href=\"https:\/\/www.kaspersky.com.tr\/password-manager?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____kpm___\" target=\"_blank\" rel=\"noopener\">a password manager<\/a>. It can also help you generate passwords.<\/li>\n<li>For every service that supports it, <a href=\"https:\/\/www.kaspersky.com\/blog\/2fa-practical-guide\/24219\/\" target=\"_blank\" rel=\"noopener nofollow\">enable two-factor authentication with one-time verification codes in text messages or with an authenticator app<\/a>. 
Otherwise, some anonymous raccoon that gets its paws on your password could read your secret correspondence or do something even worse.<\/li>\n<\/ul>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kpm\">\n","protected":false},"excerpt":{"rendered":"<p>We use raccoons to explain what the difference between identification, authorization and authentication is, and why two-factor authentication (2FA) is necessary.<\/p>\n","protected":false},"author":421,"featured_media":8852,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[994],"tags":[1624,2026,1105,1575,2278,561,2279],"class_list":{"0":"post-8851","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-privacy","8":"tag-2fa","9":"tag-iki-faktorlu-kimlik-dogrulama","10":"tag-kaspersky-password-manager","11":"tag-kimlik-dogrulama","12":"tag-kimlik-tanimlama","13":"tag-sifreler","14":"tag-yetkilendirme"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/identification-authentication-authorization-difference\/8851\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/identification-authentication-authorization-difference\/21926\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/identification-authentication-authorization-difference\/17402\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/identification-authentication-authorization-difference\/10669\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/identification-authentication-authorization-difference\/23338\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/identification-authentication-authorization-difference\/21531\/"},{"hreflang":"es-mx","url":"https:\/
\/latam.kaspersky.com\/blog\/identification-authentication-authorization-difference\/20152\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/identification-authentication-authorization-difference\/23914\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/identification-authentication-authorization-difference\/22886\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/identification-authentication-authorization-difference\/29123\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/identification-authentication-authorization-difference\/37143\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/identification-authentication-authorization-difference\/15708\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/identification-authentication-authorization-difference\/16078\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/identification-authentication-authorization-difference\/13993\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/identification-authentication-authorization-difference\/25229\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/identification-authentication-authorization-difference\/11999\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/identification-authentication-authorization-difference\/29254\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/identification-authentication-authorization-difference\/26124\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/identification-authentication-authorization-difference\/22896\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/identification-authentication-authorization-difference\/28219\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/identification-authentication-authorization-difference\/28053\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/sifreler\/","name":"\u015fifreler"},"_links":{"self":[{"hre
f":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8851","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/421"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=8851"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8851\/revisions"}],"predecessor-version":[{"id":8853,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8851\/revisions\/8853"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/8852"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=8851"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=8851"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=8851"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}