Concept of AAA Services in Security

AAA services concept is a widely known security concept which stands for Authentication, Authorisation, Accounting (or Auditing). 

Although, it is called AAA services and it only has the first letters of 3 elements, it actually represents 5 elements in a chain.

  • Identification: Claiming to be an identity when attempting to access a resource. eg. typing username, swiping a card, scanning a fingerprint …
  • Authentication: Proving that you are that identity. The information at this stage is considered to be private. and assumed to be known by yourself only. eg. by providing additional information like password
  • Authorisation: Defining the permissions for identity. What the subject can or cannot do
  • Auditing: Recording a log of events and actions along with the information about the subject triggering those events or performing actions
  • Accounting: Reviewing log files to check for compliance and violations in order to hold subjects accountable for their actions

Leave a Reply

Your email address will not be published. Required fields are marked *