AAA - Authentication, Authorization & Accounting
Content Leader: Jess Garcia - Last Updated: December 24, 2006
AAA (Authentication, Authorization, and Accounting) is a model for access control.
Authentication
- Authentication is the process by which a computer, computer program, or another user attempts to confirm that the computer, computer program, or user from whom the second party has received some communication is, or is not, the claimed first party.
- Authentication is proving who you are.
Single or multiple factor authentication
- There are primarily three authentication approaches, based on:
  - Something you, and only you, know (e.g. a password).
  - Something you, and only you, have (e.g. a token).
  - Something you, and only you, are (e.g. a fingerprint).
- These three approaches can be used individually or combined.
- If only one is used, you have one-factor authentication.
- When you combine two of them, you have two-factor authentication.
- When you combine all three of them, you have three-factor authentication.
- Clearly, three-factor authentication is more secure than single-factor authentication.
-
Protocols for Authentication and Key Establishment
-
Authentication: From Passwords to Public Keys
References
Authorization
- Authorization is defining what you are allowed (and not allowed) to do.
- Authorization must follow Authentication, because before the identity management system can determine what you are authorized to do, it must first determine who you are.
References
Accounting
- Accounting is keeping track of what you do.
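
The three stages chained together, as an added example that is not part of the original page: a password ("know") and an RFC 4226 HOTP token code ("have") are verified, factors are counted by category, authorization runs only after authentication succeeds, and every decision is recorded. The account, secrets, roles and function names are constructed for illustration.

```python
import hashlib, hmac, struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: the one-time code a hardware or software token displays."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample account; every value here is made up for this example.
USERS = {"alice": {"salt": b"constructed-salt",
                   "pw_hash": hash_password("correct horse", b"constructed-salt"),
                   "token_secret": b"12345678901234567890", "counter": 0,
                   "role": "operator"}}
PERMISSIONS = {"operator": {"read_logs"}, "admin": {"read_logs", "add_user"}}
AUDIT_LOG = []  # accounting: one record per request, allowed or denied

def authenticate(user, password=None, token_code=None):
    """Return the set of factor categories that verified (empty set = failed)."""
    rec, factors = USERS.get(user), set()
    if rec is None:
        return factors
    if password is not None and hmac.compare_digest(
            hash_password(password, rec["salt"]), rec["pw_hash"]):
        factors.add("know")
    if token_code is not None and hmac.compare_digest(
            token_code.encode(), hotp(rec["token_secret"], rec["counter"]).encode()):
        factors.add("have")
        rec["counter"] += 1  # a one-time code must not verify a second time
    return factors

def request(user, action, required_factors=2, **credentials):
    """Authenticate first, then authorize, then account for the outcome."""
    factors = authenticate(user, **credentials)
    if len(factors) < max(1, required_factors):
        decision = "deny:authentication"  # identity unproven: no role lookup
    elif action not in PERMISSIONS[USERS[user]["role"]]:
        decision = "deny:authorization"   # known identity, action not permitted
    else:
        decision = "allow"
    AUDIT_LOG.append({"user": user, "action": action,
                      "factors": sorted(factors), "decision": decision})
    return decision
```

Because factors are held in a set keyed by category, presenting two secrets of the same kind still counts as one factor.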