[SOLVED] provide replies to below 2 posts each in 150 words 6-network security
Im trying to learn for my Computer Science class and Im stuck. Can you help?
Main que:
What is authentication, authorization, and Accounting? Please provide an example
sruthi-
Authentication: It is the process of providing a user with access to the network. The users like employees want to access the network resources by asking the credentials like username and password. Common methods of authentication are put authentication on console port, AUX ports, etc. A network administrator has the full control on how a user can be authenticated if wanted any access to the networks. Some of the methods of acquiring the authentication include using the local database of that device, sending the authentication request to the external server, etc. In the process of performing the authentication is broken into three parts: Principal (Entity that requests the authorization), Credential (the user provides as the proof of identity like shared key or password, one-time password (OTP), etc.) and Contextual (includes network and physical location of the request made).
Authorization: It is providing the ability to implement the policies of the network resources after the user has access to network through authentication. Authorization is used to determine what resources can be accessed by the user who has the successful authentication to access the networks. Like network administrator determines what operations to be performed by the user. For junior employees, the administrator can create access to the user which allow the user only to perform few operations. There is also a concept called null authorization (no authorization at all) where this is the most common authorization in AAA. After the authentication occurs, the user is granted full access to the network.
Accounting: This provides a way to monitor and track the events performed by the user after having the success authentication granted to the network resources, how long the user has the access. The administration is able to create an accounting activity and also has the authority to specify what should be accounted and to whom the records can be sent. Accounting holds the track history of the users who has the successful authentication like, which clients have the access to the network, what all access they were granted and when the client has been disconnected etc. Accounting is widely used in the Internet Service Provider space.
Example:
To use the local database and local running configuration, we need to implement AAA in case of new employees. The first step is to create the users and have the authentication requested to the administrator for access to access the local database. Then the administrator who has the authorization grants the access to the new employee by providing a username or email id and the password to log in and have the successful authentication to access the local database. This users events will be tracked by the accounting activity created for this specific user. When there is an issue with accessing the networks or the database, the administrator will access the accounting activity and provide an immediate solution for the issue with the authentication.
swathika-
hat is authentication, authorization, and Accounting? Please provide an example
In the past decade the cloud services have enabled many organizations and individuals to perform variety types of tasks such as online storage, email services and on demand TV and online shows. With the help of cloud services, the deployment of applications with very cheap cost with elastic and scalable due to fault tolerance system. Authentication and authorization and accounting (AAA) are three mains that helps track the system tracker of the user activities via IP-based network and controlling the access to network resources. A term AAA protocol is often implemented as a dedicated server.
Authentication refers to identifying unique information in each user system in a form of username and password. With the help of system administrators, we are able to monitor, add or delete authorized user in the system.
Example: When a network administrator controls the user authentication when an individual wants to access the network. These methods include local database that could be a router that sends authentication request to an external server. Sometime customized authentication methods are used for default authentication customization.
Authorization refers to the an individual adding or denying any user access in the computer network and its resources. Depending on the limit and their access towards the networks, users are given different authorization level depending on that. This determinization can be based on variety of entities on geographical location, date or time restriction, multiple logins by single individuals frequency associated types of authorization in the services include routing assignments, IP address filtering, bandwidth encryption traffic management.
Example: when a junior engineer who has not given any privilege to access all the resources and would want to access the devices, this were the administration would come into the picture to allow particular commands wherein the view will be created which will allow particular commands to be executed. This is to specify the user in a way is authorized to network resources through local database or ACS server.
Accounting refers to tracking or record keeping of individual activities in an computer network. Some of the examples of accounting would be time period but not limited to accounting time spent towards accessing the network, capacity and trend analysis, network cost allocations, billing data and user authentication and authorization.
Examples of AAA protocols include:
- Diameter, a successor to Remote Authentication Dial-In User Service (RADIUS)
- Terminal Access Controller Access-Control System (TACACS)
- Terminal Access Controller Access-Control System Plus (TACACS+) a proprietary Cisco Systems protocol that provides access for network servers, routers and other network computing devices.
