AAA (computer

security)

This article needs additional

citations for verification. Learn more

AAA refers to Authentication,

Authorization and Accounting.
It is used to refer to a family of
protocols that mediate network
access.

Two network protocols

providing this functionality are
particularly popular: the
RADIUS protocol,[1] and its
newer Diameter counterpart.
[2][3]

Further explanations of
Authentication , Authorization ,
and Accounting are available
on external sites.

Usage of AAA in
Diameter
In some cases, the term AAA
has been used to refer to
protocol-specific information.
For example, Diameter uses the
URI scheme AAA, which stands
for Authentication,
Authorization and Accounting,
and the Diameter-based
Protocol AAAS, which stands
for Authentication,
Authorization and Accounting
with Secure Transport.[4] These
protocols were defined by the
Internet Engineering Task Force
in RFC 6733 and are intended
to provide an Authentication,
Authorization, and Accounting
(AAA) framework for
applications, such as network
access or IP mobility in both
local and roaming situations.[5]

While the term AAA has been

used in such a narrow context,
the concept of AAA is more
widely used within the industry.
As a result, it is incorrect to
refer to AAA and Diameter as
being one and the same.

Usage of AAA servers

in CDMA networks
AAA servers in CDMA data
networks are entities that
provide Internet Protocol (IP)
functionality to support the
functions of authentication,
authorization and accounting.
The AAA server in the CDMA
wireless data network
architecture is similar to the
HLR in the CDMA wireless
voice network architecture.

Types of AAA servers include

the following:

Access Network AAA (AN-

AAA): Communicates with
the RNC in the Access
Network (AN) to enable
authentication and
authorization functions to be
performed at the AN. The
interface between AN and
AN-AAA is known as the A12
interface.
Broker AAA (B-AAA): Acts as
an intermediary to proxy AAA
traffic between roaming
partner networks (i.e.,
between the H-AAA server in
the home network and V-AAA
server in the serving
network). B-AAA servers are
used in CRX networks to
enable CRX providers to offer
billing settlement functions.
Home AAA (H-AAA): The
AAA server in the roamer’s
home network. The H-AAA is
similar to the HLR in voice.
The H-AAA stores user
profile information, responds
to authentication requests,
and collects accounting
information.
Visited AAA (V-AAA): The
AAA server in the visited
network from which a roamer
is receiving service. The
V-AAA in the serving network
communicates with the
H-AAA in a roamer’s home
 network. Authentication
requests and accounting
information are forwarded by
the V-AAA to the H-AAA,
either directly or through a
B-AAA.

Current AAA servers

communicate using the
RADIUS protocol. As such, TIA
specifications refer to AAA
servers as RADIUS servers.
However, future AAA servers
are expected to use a
successor protocol to RADIUS
known as Diameter.
The behavior of AAA servers
(radius servers) in the
CDMA2000 wireless IP network
is specified in TIA-835.

See also
Layer 8
Cyberoam

References
1. C. Rigney, S. Willens, A.
Rubens, W. Simpson, "Remote
Authentication Dial In User
Service (RADIUS)", IETF RFC
2865 , June 2000.
2. P. Calhoun, J. Loughney, E.
Guttman, G. Zorn, J. Arkko,
"Diameter Base Protocol", IETF
RFC 3588 , September 2003.
3. Sasu Tarkoma, "Mobile
Middleware: Architecture,
Patterns and Practice", John
Wiley and Sons, 2009, pp.
248–251.
ISBN 9780470745526.
4. "Uniform Resource Identifier
(URI) Schemes" . Retrieved
12 October 2014.
5. "RFC 6733 - Diameter Base
Protocol" . PROPOSED
STANDARD. Standards Track.
ISSN 2070-1721 . Retrieved
12 October 2014.

Retrieved from
"https://en.wikipedia.org
/w/index.php?title=AAA_(computer_s
ecurity)&oldid=885143066"

Last edited 2 months ag…

Content is available under CC BY-SA

3.0 unless otherwise noted.