Background: Prior to using the system, users must authenticate themselves, either by using SSO or entering unique credentials (username/password).

After authentication, the system determines this users’ authorization level (which function these users are allowed to use and which data they are allowed to see and/or modify)

Scenario: Users are allowed to use only those system functions and see only the data they are authorized for.