AAA commonly stands for authentication, authorization and accounting.
It refers to a security architecture for distributed systems, which enables
control over which users are allowed access to which services, and how much of
the resources they have used.
Authentication refers to the process where an entity's identity is authenticated, typically by
providing evidence that it holds a specific digital
identity such as an identifier and the corresponding credentials.
Examples of types of credentials are passwords,
one-time tokens, digital certificates
The authorization function determines whether a
particular entity is authorized to perform a given activity, typically
inherited from authentication when logging on to an application or service.
Authorization may be determined based on a range of restrictions, for example
time-of-day restrictions, or physical location restrictions, or restrictions
against multiple access by the same entity or user. Typical authorization in
everyday computer life is for example granting read access to a specific file
for authenticated user.
Accounting
refers to the tracking of network resource consumption by users for
the purpose of capacity and trend analysis, cost allocation, billing
In addition, it may record events such as authentication and authorization
failures, and include auditing functionality, which permits verifying the
correctness of procedures carried out based on accounting data. Real-time
accounting refers to accounting information that is delivered concurrently with
the consumption of the resources. Batch accounting refers to accounting
information that is saved until it is delivered at a later time.
http://en.wikipedia.org/wiki/AAA_protocol
Your post about Authentication, Authorization and Accounting has allowed me to better understand the security architecture and how it is used. I have learned that authentication authenticates an entity's identity typically by providing evidence that it holds a specific digital identity such as an identifier and the corresponding credentials. I have also learned that authorization determines whether a particular entity is authorized to perform a given activity, typically inherited from authentication when logging on to an application or service. Lastly, I have learned that accounting refers to the tracking of network resource consumption by users for the purpose of capacity and trend analysis, cost allocation, billing.
ReplyDeleteAfter reading this post, i have a better understanding of what AAA means.
ReplyDeleteAuthentication is the process by which an individual is authenticated and identified by an identifier that the user has provided, such as a username and password.
Authorization comes after authentication and it is the process by which users may have varied authority to perform different tasks.
Accounting is to record the user's action of what he does and what he access.
Really informative post, your description and explanation of AAA is easy to understand, and filled with a lot of examples. Your post really helped me to understand AAA better. Great stuff!
ReplyDeleteThis post is very interesting and easy to understand. I have learn a lot about how authentication, authorization and accounting can be used as a measure for security architecture from your post. The explanation u gave on authentication, authorization and accounting are quite less. Hence, I would suggest that maybe you can give more examples on how AAA works and how it can help us. You can also elaborate more on the key points of AAA so that readers like myself will be able to understand more. Also, maybe you can add pictures or videos to let readers like myself have a even better and clearer knowledge on what AAA are all about.
ReplyDeleteFrom this post, I was able to better understand AAA as well as the uses of it. I am able to know that AAA is a security architecture for distributed systems which controls how users use and access the system. The post is organized and properly structured and allowed I to better understand which each of the ‘A’ stood for. The post utilizes examples which make it easier to better understand the given topic. I feel that the post has been very well written and is easier to understand for anyone who reads it.
ReplyDelete- Amos Lee
From your post, i understand that AAA is a security architecture for distributed systems, which enables control over which users are allowed access to which services, and how much of the resources they have used. All points have good explaination and it helps me understand all the 3 A's stand for and what they are used for. But it will be better if you can add pictures or structures to make your post a clear and better post
ReplyDelete-Adler
By reading this post, I have a clear understanding of how the AAA factor works in security aspects.
ReplyDeleteAuthentication refers to how you identify yourself with what you have. Such as identity cards.
Authorization shows what you can do or which area you can access.
And finally accounting shows what you have done and how long you have been doing the activity. For example, I logged in to the school website using my student credentials and accessed the school materials three times a day. This to account for what I use the system for.
By reading ur post, i have a clear understanding of AAA especially the part "Accounting refers to the tracking of network resource consumption by users for the purpose of capacity and trend analysis, cost allocation, billing In addition, it may record events such as authentication and authorization failures, and include auditing functionality, which permits verifying the correctness of procedures carried out based on accounting data. Real-time accounting refers to accounting information that is delivered concurrently with the consumption of the resources. Batch accounting refers to accounting information that is saved until it is delivered at a later time."
ReplyDeleteCheers,
Yj
After reading your post, I have have a clear and thorough understanding of AAA, which stands for authentication, authorization and accounting, especially the part where it says "The authorization function determines whether a particular entity is authorized to perform a given activity, typically inherited from authentication when logging on to an application or service. Authorization may be determined based on a range of restrictions, for example time-of-day restrictions, or physical location restrictions, or restrictions against multiple access by the same entity or user. Typical authorization in everyday computer life is for example granting read access to a specific file for authenticated user."
ReplyDelete