Authentication, Authorization, and Accounting

Security ultimately is supported and enforced by authentication, authorization, and accounting (AAA). AAA is part of field of security commonly referred to as identity and access management (IAM). Without all three of these security fundamentals properly implemented, real security cannot exist.

Authentication is the verification or proof of someone or something’s identity. The most common form of authentication is the use of a password. Although passwords are the most common, they are also one of the weakest forms of authentication. People typically pick passwords that are easy to guess or that are somehow predictable. They often reuse the same passwords on multiple systems.

Passwords reside in ...

Get Network Security, Firewalls, and VPNs, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.