There are four components to security in Tableau Server:
- Authentication establishes a user’s identity
- Authorization determines what an authenticated user can see and do
- Data Security controls which data (fields, marks, etc.) an authenticated and sufficiently authorized user can see
- Network Security falls into three sub-categories
- Client to Tableau Server
- Tableau Server to the database
- Communication between Tableau Server component functions
Authorization and Data Security are closely related and it can be difficult to distinguish one from the other. Authorization controls which actions a user can perform and on what. However, it does not control which data will appear inside a viz. The data a user sees is controlled by Data Security.
The following link goes into further detail regarding these:
Hope this helps!
To help with understanding how data source authentication (data security) works here's a good knowledge base article that is slightly better (Database Connection Options section) than what's in the admin guide: http://kb.tableausoftware.com/articles/knowledgebase/tableau-server-database-logins