Acrónimos: AAA
Ver:
·
RADIUS
- Remote Access Dial-In User Server
·
TACACS
- Terminal Access Controller Access Control System
Conjunto de herramientas, procedimientos y protocolos que garantizan un tratamiento coherente de las tareas de autenticación, autorización y registro de actividad de las entidades que tienen acceso a un sistema de información.
Acrónimo de authentication, authorization, and accounting (autenticación, autorización y contabilización). Protocolo para autenticar a un usuario basándose en la identidad verificable del usuario, autorizar a un usuario basándose en sus derechos de usuario y contabilizar el consumo de recursos de una red de un usuario.
http://es.pcisecuritystandards.org
Acronym for
authentication, authorization, and accounting. Protocol for authenticating a
user based on their verifiable identity, authorizing a user based on their user
rights, and accounting for a users consumption of network resources.
https://www.pcisecuritystandards.org/security_standards/glossary.php
Authentication,
authorization, and accounting (AAA) is a term for a framework for intelligently
controlling access to computer resources, enforcing policies, auditing usage,
and providing the information necessary to bill for services. These combined
processes are considered important for effective network management and
security.
As the first
process, authentication provides a way of identifying a user, typically by
having the user enter a valid user name and valid password before access is
granted. The process of authentication is based on each user having a unique
set of criteria for gaining access. The AAA server compares a user's
authentication credentials with other user credentials stored in a database. If
the credentials match, the user is granted access to the network. If the
credentials are at variance, authentication fails and network access is denied.
Following
authentication, a user must gain authorization for doing certain tasks. After
logging into a system, for instance, the user may try to issue commands. The
authorization process determines whether the user has the authority to issue
such commands. Simply put, authorization is the process of enforcing policies:
determining what types or qualities of activities, resources, or services a
user is permitted. Usually, authorization occurs within the context of
authentication. Once you have authenticated a user, they may be authorized for
different types of access or activity.
The final plank
in the AAA framework is accounting, which measures the resources a user
consumes during access. This can include the amount of system time or the
amount of data a user has sent and/or received during a session. Accounting is
carried out by logging of session statistics and usage information and is used
for authorization control, billing, trend analysis, resource utilization, and
capacity planning activities.
http://searchsecurity.techtarget.com/
Authentication. Authentication refers to the confirmation that
a user who is requesting services is a valid user of the network services
requested. Authentication is accomplished via the presentation of an identity
and credentials. Examples of types of credentials are passwords, one-time
tokens, digital certificates, and phone numbers (calling/called).
Authorization. Authorization refers to the granting of
specific types of service (including "no service") to a user, based
on their authentication, what services they are requesting, and the current
system state. Authorization may be based on restrictions, for example
time-of-day restrictions, or physical location restrictions, or restrictions
against multiple logins by the same user. Authorization determines the nature
of the service which is granted to a user. Examples of types of service
include, but are not limited to: IP address filtering, address assignment,
route assignment, QoS/differential services, bandwidth control/traffic
management, compulsory tunneling to a specific endpoint, and encryption.
Accounting. Accounting refers to the tracking of the
consumption of network resources by users. This information may be used for
management, planning, billing, or other purposes. Real-time accounting refers
to accounting information that is delivered concurrently with the consumption
of the resources. Batch accounting refers to accounting information that is
saved until it is delivered at a later time. Typical information that is
gathered in accounting is the identity of the user, the nature of the service
delivered, when the service began, and when it ended.
http://en.wikipedia.org/wiki/AAA_protocol
Acronyme
d«authentication, authorization, and accounting» (authentification,
autorisation et traçabilité). Protocole permettant dauthentifier un
utilisateur en fonction de son identité vérifiable, dautoriser un utilisateur
en fonction de ses droits dutilisateur et de vérifier la consommation des
ressources réseau dun utilisateur.
http://fr.pcisecuritystandards.org/
Temas relacionados