What Is The Difference Between Authentication Authorization And Accounting
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
What Is The Difference Between Authentication Authorization and Accounting?
Now, let us learn the AAA security frameworks and their application radius. The AAA stands for authentication, authorization, and accounting. It is a type of fundamental security framework for controlling the user access to a network determining access levels or the user privileges based on the policies and the user identification. It keeps track of all the user activities. Firstly let us discuss what actually authentication is?
authentication is the first component of the triple-A. For suppose we are the user, the user needs some of the credentials like user name and the password in order to verify the identity. After the identity is entered, we verify the identity, then we will be granted some of the privileges. This is the second component present in the AAA.
The authorization is about, what we can do with the privileges, these include what are the canceled resources or the services that can access. What tasks we can perform and how long can we use these resources.
The third component in the AAA framework is accounting. the accounting keeps track of all the log activities that may include the resources that are used and how much resources are being used and how long we can use them. The data that is collected at this stage could be used for counseling, monitoring, and for billing statistics.
The radius uses the framework radius that stands for the remote authorization in the user service. It is a client-server protocol and system that enables the network access server in order to communicate with the central server to the authenticated users. The authenticated users authorize their access to the network and keep track of the activities in the radius. The network access server acts as the connecting point between the user and the triple a server. The network access server can act as the remote access server for the remote users or by the local wireless user. The radius is not only for the remote users as its name suggests but it can be used for the local users. For the local users, it can be through the wireless connection or through the wired connection.
Let us take an example to understand how the radius works for the local users. we learn by for wireless access point. Let say a user wants to access a local network in the radius system. This device is called the supplicant and WAP, we call it the radius client. That is a middle man between the user and the server.
The first step we perform is the authentication request. The users interact with the WAP and request permission in order to access the network with the user ID and the password. The password will be in an encrypted state.
In the second step, the WAP contacts really act as a server, if the user exists in the radius of the server database as the valid user.
In step three, the radius server checks the database against the credentials. Once this is get verified, the radius server sends a package back to the double with the access permission and certain privileges.
And step four and step five are related to accounting. The accounting database creates a record of a user and keeps track of all the activities during the accession.