Monday 14 May 2012

Authentication, Authorization and Accounting

What does authentication, authorization and accounting mean ?

Authentication  
Authentication means to identify a certain individual, usually by username and password. There are other methods of authentication too, like: serial key(one-time password), authentication via PPP link, etc.

- Username & password
The user would be asked by the system for their login credentials in order to verify that they    are authorize user of the system/network. If the user is a authorize user, the user would be allowed access into the system/network. However there is a disadvantage to this authentication method, user frequently uses very guessable password or never change password at regular interval, making it very easy to allow hackers to hack into the system.

- Serial key(one-time password)
Whenever the user wants to login to their account they would have to get their one-time password which is generated by a serial-key program hash function. The user would than be able to login to their individual account. Different password would be generated every time, this was no one would be able to hack into the system easily.

- Authentication via PPP link
There are three types:
   Password Authentication Protocol(PAP)
   Challenge Handshake Authentication Protocol(CHAP)
   MS-CHAP



Authorization
Authorization means to give individual access to systems objects based on who they are.

Accounting
Accounting means keeping track of the user's activity while accessing a network resource.

When authentication, authorization and accounting is combined together, they provide secure remote access to the network and remote management of network device.


REFERENCE : http://www.webopedia.com/TERM/A/authentication.html
                           http://www.webopedia.com/TERM/A/accounting.html
                           lecture T22
Posted by at

5 comments:

  1. WEIPENG14 May 2012 at 17:54

    Hi Jenny! Thank you for taking time to post such a detailed piece of work on Authentication, authorization and accounting. I now know much more about what AAA is about and what is does. An additional thing I know through your blog is that there are three types of authentication via the PPP link. They are the Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and the MS-CHAP.

    ReplyDelete
  2. Alvin14 May 2012 at 22:51

    After reading this post, i have learnt what is authentication, authorization and accounting, as well as the different ways to enforce authentication.

    ReplyDelete
  3. Png Clarence15 May 2012 at 22:11

    Hi babe! Your wonderful blog post has a clear detail of authentication which can help me understand further! Through your post I have understand that there are three types of PPP link which is Password Authentication Protocol(PAP), Challenge Handshake authentication Protocol(CHAP) and MS-CHAP.
    With these PPP, we can ensure that hackers will not be able to hack into our computer so easily!

    ReplyDelete
  4. Nur Shaqilla23 May 2012 at 12:17

    Annyeonghasaeyo! Your post is really informative and it helps me to understand AAA in depth. You even summarise it in your own which makes it easier for me to understand (: Thank you.

    ReplyDelete
  5. Unknown11 November 2013 at 20:10

    I have learnt something new which is of great help to me. As I am learning about public key infrastructure all these terms are the basic element. Thank you for providing this short detail.
    public key infrastructure

    ReplyDelete

Subscribe to: Post Comments (Atom)