Which process is responsible for authorizing users based on their credentials?

The process responsible for authorizing users based on their credentials is authentication. Authentication is the mechanism that verifies the identity of a user attempting to gain access to a system. It involves checking the credentials provided by the user, such as usernames and passwords, against stored information to confirm whether the user is who they claim to be.

Once a user is authenticated and their identity is established, they can be granted or denied access to certain resources based on predefined access controls and permissions. This makes authentication a critical component of security, ensuring that only legitimate users can access sensitive systems and information.

In contrast, system access controls refer to the broader policies and rules that govern which users have access to different resources, while auditing is the process of recording and reviewing activities and events within a system. Data encryption, on the other hand, involves encoding data to protect its confidentiality during storage or transmission but does not inherently verify user credentials. Thus, authentication specifically pertains to the verification of user identities, making it the correct choice in this context.