Authentication is determining the identity of a principal trying to log in via IIS . When a principal tries to authenticate to a system, credentials are provided to verify the principal's identity.
Microsoft Online IDs are issued and maintained by Microsoft - like ids for Office 365, Hotmail, Sky Drive, and Live account.Using a Microsoft ID, a user can authenticate to various systems using same credentials.
Federation Identity (Single Sign-On) is a mechanism for allowing users within your organization to use their standard Active Directory corporate username and password toaccess Office 365.Federation with Office 365 requires the use of Active Directory Federation Services (ADFS)2.0.
Authorization is verifying an authenticated user's access to a application as per Access Control List (ACL).When a user tries to access the SharePoint site collection, their username is checked against the permissions of the site via SharePoint Groups or directly. If no permission is been granted, access is denied .
You may also like: