What is the difference between identification, authentication, authorization, and accounting?

Identification is claiming an identity, such as entering a username. Authentication is proving that identity through credentials like a password or biometric. Authorization is determining what the authenticated user is permitted to access based on policies and permissions. Accounting, also called auditing, is recording what the user did for accountability and forensics. These four steps occur in sequence: you cannot authorize without first authenticating, and you cannot authenticate without first identifying. The acronym IAAA helps remember the order.