Authentication is the act of validating that users are whom they claim to be. This is the first step in any security process.
Authorization in system security is the process of giving the user permission to access a specific resource or function. This term is often used interchangeably with access control or client privilege.
Domain-driven design (DDD) advocates modeling based on the reality of business as relevant to your use cases.