AAA (Authentication, Authorization, Accounting) is a family of protocols used to describe the process of granting access and controlling that access.
- Authentication - matching a person (or request) to an existing security account. It is carried out using a login, password, certificate, smart card, etc.
- Authorization (authorization check, access level check) - mapping an account in the system (and the authenticated person) to certain privileges (or to a denial of access). In general, authorization can be "negative" (user A is denied access to the company's servers).
- Accounting (tracking) - tracking the user's consumption of resources (mainly network resources). Accounting also includes recording access to the system (access logs).
RFC
RFCs associated with AAA:
- RFC 2194 Review of Roaming Implementations
- RFC 2477 Criteria for Evaluating Roaming Protocols
- RFC 2881 Network Access Server Requirements Next Generation (NASREQNG) NAS Model
- RFC 2903 Generic AAA Architecture
- RFC 2904 AAA Authorization Framework
- RFC 2905 AAA Authorization Application Examples
- RFC 2906 AAA Authorization Requirements
- RFC 3169 Criteria for Evaluating Network Access Server Protocols
- RFC 3539 AAA Transport Profile
List of AAA Protocols
- RADIUS
- DIAMETER
- TACACS
- TACACS+
Other protocols used in combination with AAA:
- PPP
- EAP
- PEAP
- LEAP
- LDAP
Sources
- Goldstein B.S., Elagin V.S., Senchenko Yu.L. AAA Protocols: RADIUS and Diameter (Book 9). SPb.: BHV-St. Petersburg, 2011. (Telecommunication Protocols).