Security Dose 18122023: AAA Concept for Security

Security Dose 13122023: AAA Foundational Concept for Security 

AAA Concept for Security

In this article, we are going to talk about the AAA foundational concept for security. Generally, people relate AAA to an authentication system but it is a critical security concept and includes 5 sections –

  • Identification
  • Authentication
  • Authorization
  • Auditing
  • Accounting

Missing any of the above elements can result in a weak or incomplete security system. So let’s understand each of the elements here.

⭐ Identification  👇

The whole process of AAA starts with identification. A user presents the identity like username, fingerprint, smartcard, voice command, face scan, retina scan, etc. to start authentication. Identity is an input to authentication and without it, there is no way to start the authentication.

Once the identity is provided, it is identified against a record or database, and it is said to be recognized. If you closely monitor the security systems, this identity is used to recognize a user. Whatever logs, activities, and events are performed, all related to identity and not the user/subject.

Simply presenting the identity to the system does not mean access to the resource or system. Identity must be proven and verified before use. This is verified through authentication.

⭐ Authentication 👇

Authentication is the process of verifying the claimed identity during the identification phase. In addition to identity, more inputs [authentication factor] are provided by users to claim that he is what they are claiming. This could be a password which is a common form of authentication. These identities and factors are compared with the database of valid identities.

Identification and Authentication these two phases are completed in any security system as a single two-step process. Providing the identity is the first step and giving an authentication factor is the second step. Without both, the authentication process cannot be completed and therefore no access can be granted.

⭐ Authorization  👇

Authorization control is what can be performed once a subject is identified and authenticated in a secured environment. Identification and Authentication does not mean that a subject has full access to the environment. Both identification and authentication are all-or-nothing aspects of the access control system. The authorization is the wide range of possibilities between all and nothing within an environment. 

For example, a user may be able to access a cloud folder but not allowed to download, or read a file but not able to alter the contents of the file – all these controls are enforced by authorization policies.

⭐ Auditing  👇

Auditing is a means where subject actions are recorded once he is granted access to the protected system. Auditing is required to make a subject accountable for the actions he performed during the session. Auditing also helps to identify unauthorized or abnormal activities on the system. Log files provide the audit trails to re-create an event, intrusion, and system failure scenarios. 

It is usually an integrated feature of the operating system, applications, and services. It is configured during the implementation of the system and is generally a straightforward process.

⭐ Accounting  👇

Any organization’s security policies are measured by the level of accountability the security system has. A high level of accountability results in a high level of security policies. This accountability depends on two things the ability to prove the subject identity and the tracking actions performed by the subject. This accountability is established by the identification, authentication, authorization, and accounting capabilities of the security system.

The security policies and procedures should be implemented strongly enough to defend them in a court of law. If cannot defend you will not be able to make accountable a subject for an action linked to the user account. Simple password authentication is not enough for identification and can be compromised easily. Therefore, multi-factor authentication processes are implemented to make sure there is no compromise in the authentication process. Once the user is identified, his actions are recorded and made accountable.  

I hope you find this informative. See you soon with another security dose. 

     Continue Reading...

    Free Tools...