Professional Documents
Culture Documents
Authentication, Authorization and Accounting: Dipak Trivedi
Authentication, Authorization and Accounting: Dipak Trivedi
and Accounting
Dipak Trivedi
Overview of AAA
A network administrator may allow remote users to
have access through public services based on the
remote-access solutions used.
The network must be designed to control who is
allowed to connect to it, and what they are allowed to
do once they get connected.
The network administrator may find it necessary to
configure an accounting system that tracks who logs
in, when they log in, and what they do once they
have logged in.
Authentication, Authorization, and Accounting (AAA)
security services provide a framework for these kinds
of access control and accounting functions.
AAA
AAA is an architectural framework for
configuring three different security features:
Authentication: The process of validating the
claimed identity of an end user.
Authorization: The act of granting access
rights to a user, groups of users.
Accounting: The methods to establish who, or
what, performed a certain action, such as
tracking user connection and logging system
users.
Authentication
User dials into an access server that is
configured with CHAP.
The access server will prompt the user for a
name and password.
The access server authenticates the user’s
identity by requiring the username and
password.
This process of verification to gain access is
called authentication.
The user may then be able to execute
commands on that server once he has been
successfully authenticated.
Authorization
The server uses a process called
authorization to determine which commands
and resources should be made available to that
particular user.
Authorization asks the question, "What