Security Dose 18122023: AAA Concept for Security
Security Dose 13122023: AAA Foundational Concept for Security
In this article, we are going to talk about AAA, a foundational concept for security. People generally relate AAA to an authentication system, but it is a critical security concept in its own right and includes 5 sections:
- Identification
- Authentication
- Authorization
- Auditing
- Accounting
Missing any of the above elements can result in a weak or incomplete security system. So let’s understand each of the elements here.
⭐ Identification 👇
The whole AAA process starts with identification. A user presents an identity, such as a username, fingerprint, smartcard, voice command, face scan, or retina scan, to start authentication. Identity is an input to authentication, and without it there is no way to start the authentication.
Once the identity is provided, it is checked against a record or database, and if it matches, it is said to be recognized. If you closely monitor security systems, you will see that this identity is what is used to recognize a user: all logs, activities, and events are tied to the identity and not to the user/subject.
Simply presenting the identity to the system does not mean access to the resource or system. Identity must be proven and verified before use. This is verified through authentication.
⭐ Authentication 👇
Authentication is the process of verifying the identity claimed during the identification phase. In addition to the identity, users provide further inputs (authentication factors) to prove that they are who they claim to be. This could be a password, which is a common form of authentication. The identity and factors are compared with the database of valid identities.
Identification and authentication are completed in any security system as a single two-step process. Providing the identity is the first step and giving an authentication factor is the second step. Without both, the authentication process cannot be completed and therefore no access can be granted.
⭐ Authorization 👇
Authorization controls what can be performed once a subject is identified and authenticated in a secured environment. Identification and authentication do not mean that a subject has full access to the environment. Both identification and authentication are all-or-nothing aspects of the access control system. Authorization covers the wide range of possibilities between all and nothing within an environment.
For example, a user may be able to access a cloud folder but not allowed to download, or read a file but not able to alter the contents of the file – all these controls are enforced by authorization policies.
⭐ Auditing 👇
Auditing is the means by which a subject's actions are recorded once the subject is granted access to the protected system. Auditing is required to make a subject accountable for the actions performed during the session. Auditing also helps to identify unauthorized or abnormal activities on the system. Log files provide the audit trails needed to re-create events, intrusions, and system failure scenarios.
It is usually an integrated feature of the operating system, applications, and services. It is configured during the implementation of the system and is generally a straightforward process.
⭐ Accounting 👇
Any organization’s security policies are measured by the level of accountability the security system has. A high level of accountability results in a high level of security policies. This accountability depends on two things: the ability to prove the subject's identity and the tracking of actions performed by the subject. It is established by the identification, authentication, authorization, and accounting capabilities of the security system.
The security policies and procedures should be implemented strongly enough to be defended in a court of law. If you cannot defend them, you will not be able to hold a subject accountable for an action linked to the user account. Simple password authentication is not enough for identification and can be compromised easily. Therefore, multi-factor authentication processes are implemented to make sure there is no compromise in the authentication process. Once the user is identified, the user's actions are recorded and the user is held accountable for them.
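The stages described above can be seen working together in a short Python sketch. This is an added example, not code from the original article; the names `USERS`, `AUDIT_LOG`, `derive`, `audit` and `request`, the user `alice` and the file `report.txt` are constructed for illustration, and PBKDF2 is an assumed stand-in for whatever password hashing a real system uses.

```python
import hashlib, hmac, os, time

def derive(password: str, salt: bytes) -> bytes:
    # PBKDF2 stands in for whatever password hashing a real system uses.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample data: one identity, allowed to read but not alter a file.
SALT = os.urandom(16)
USERS = {"alice": {"salt": SALT, "pw_hash": derive("correct horse", SALT),
                   "permissions": {"report.txt": {"read"}}}}
AUDIT_LOG = []  # audit trail; every entry is tied to the claimed identity

def audit(identity, action, resource, outcome):
    AUDIT_LOG.append({"ts": time.time(), "identity": identity,
                      "action": action, "resource": resource, "outcome": outcome})

def request(identity, password, action, resource):
    """Run one request through the stages; return what the caller is told."""
    # 1. Identification: the claimed identity must match a known record.
    record = USERS.get(identity)
    if record is None:
        audit(identity, action, resource, "unknown-identity")
        return "rejected"  # same reply as a bad password; the log keeps the reason
    # 2. Authentication: verify the factor with a constant-time comparison.
    if not hmac.compare_digest(derive(password, record["salt"]), record["pw_hash"]):
        audit(identity, action, resource, "auth-failed")
        return "rejected"
    # 3. Authorization: all-or-nothing is over; check this action on this resource.
    allowed = action in record["permissions"].get(resource, set())
    outcome = "granted" if allowed else "denied"
    # 4. Auditing: record the decision so the action is attributable later.
    audit(identity, action, resource, outcome)
    return outcome

if __name__ == "__main__":
    print(request("alice", "correct horse", "read", "report.txt"))
    print(request("alice", "correct horse", "write", "report.txt"))
    print(request("alice", "wrong", "read", "report.txt"))
    print(request("mallory", "x", "read", "report.txt"))
    for entry in AUDIT_LOG:
        print(entry["identity"], entry["action"], entry["outcome"])
```

Note that failed identification and failed authentication give the caller the same reply, while the audit trail keeps the distinct reason against the claimed identity.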
I hope you find this informative. See you soon with another security dose.