Authorization is the security process that determines a user's level of access or the permissions they have to specific system resources. This process occurs after a user's identity has been successfully verified through authentication. The question specifies a "signed-in user," indicating authentication has already been completed. Therefore, the subsequent step of checking whether that user can access a particular resource is authorization.

• Authentication answers the question, "Who are you?".
• Authorization answers the question, "What are you allowed to do?".
• Federation and Single sign-on (SSO) are mechanisms related to authentication across different systems, not the process of granting access to a specific resource within a system.

Microsoft Official Documentation: "Authorization is the process of giving a user permission to access a resource. For example, after a user authenticates to a web application, the application would authorize the user to access a specific set of pages or perform certain actions like creating, reading, editing, or deleting data."

Source: Microsoft identity platform documentation, "Authentication vs. authorization". Retrieved from https://learn.microsoft.com/en-us/entra/identity-platform/authentication-vs-authorization, Section: "Authorization".

NIST Glossary: "Authorization: The process of verifying that a requested action or service is approved for a specific entity."

Source: National Institute of Standards and Technology (NIST) Computer Security Resource Center, Glossary. Retrieved from https://csrc.nist.gov/glossary/term/authorization.

IEEE Xplore Digital Library: "Authentication is a mechanism by which a system verifies the identity of a user. Once a user is authenticated, the system uses an authorization mechanism to decide whether the user will be granted access to a resource."

Source: Al-Sinani, M., & Al-Washahi, M. (2020). A Review of Authentication and Authorization Techniques in Online Social Networks. 2020 3rd International Conference on Computer Applications & Information Security (ICCAIS). IEEE. https://doi.org/10.1109/ICCAIS48893.2020.9096839, Section III-A.