Authentication, Authorization, and Accounting (AAA) is an architectural framework to gain access to computer resources, enforcing policies, auditing usage, to provide essential information required for billing of services and other processes essential for network management and security. This process is mainly used so that network and software application resources are accessible to some specific and legitimate users. The AAA concept is widely used in reference to the network protocol RADIUS.
The first step: Authentication
Authentication is the method of identifying the user. With the help of the user’s authentication credentials, it checks if the user is legitimate or not or if the user has access to the network, by checking if the user’s credentials match with credentials stored in the network database. After the authentication is approved the user gains access to the internal resources of the network.
For the user to perform certain tasks or to issue commands to the network, he must gain authorization. It determines the extent of access to the network and what type of services and resources are accessible by the authenticated user. Authorization is the method of enforcing policies.
In this stage, the usage of system resources by the user is measured: Login time, Data Sent, Data Received, and Logout Time. Accounting Process is carried out by logging out the session statistics and usage information and is used for authorization control, billing, resource utilization.
- AAA framework increases the scalability of a network: Scalability is the property of a system to handle a growing amount of work by adding resources to the system.
- It causes increased flexibility and better control of the network.
- It helps maintain standard protocols in the network.
- RADIUS allows for unique credentials for each user.
- IT Admins will have a central point for the user and system authentication.
- On RADIUS Servers, Configuration and Initial setup can be complicated and time-consuming.
- It is a very hard choice to determine which is the best RADIUS server software and implementation model for your organization.
- Maintenance can be difficult and time-consuming for on-prem hardware.
Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.
- Computer Network | AAA (Authentication, Authorization and Accounting)
- AAA (Authentication, Authorization and Accounting) configuration (locally)
- Difference between Cloud Accounting and Desktop Accounting
- Difference between Authentication and Authorization
- HTTP headers | Proxy-Authorization
- HTTP headers | Authorization
- PGP - Authentication and Confidentiality
- Message Authentication Codes
- How message authentication code works?
- Challenge Handshake Authentication Protocol (CHAP)
- Password Authentication Protocol (PAP)
- Challenge Response Authentication Mechanism (CRAM)
- 3D passwords-Advanced Authentication Systems
- Types of Two-factor Authentication
- What is HMAC(Hash based Message Authentication Code)?
- Internet Protocol Authentication Header
- Authentication in Computer Network
- SAML Authentication
- Difference between node.js require and ES6 import and export
- Difference between Stop and Wait, GoBackN and Selective Repeat
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to firstname.lastname@example.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.