Users, roles, permissions
Access control models (ACLs, RBAC)
Authorization best practices
Understanding OAuth 2.0 and OpenID Connect
Kerberos and LDAP for enterprise authentication
SAML for web-based single sign-on
JSON Web Tokens (JWT) for stateless authentication