Welcome to Bucaro TecHelp!

Bucaro TecHelp
Maintain Your Computer and Use it More Effectively
to Design a Web Site and Make Money on the Web

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

Each year 1.5 million shelter animals are euthanized (670,000 dogs and 860,000 cats). Source: ASPCA. The solution is not to shelter unwanted pets, but to SHUT DOWN THE PET MILLS. Anyone who wants a pet will just have to adapt a great pet from a shelter.

Holiday Gift Guide
Holiday Gift Guide

What is Network AAA (Authentication, Authorization, and Accounting)?

Network AAA is an acronym for three network procedures and processes that help to make a network more secure and reliable. The A's stand for Authentication, Authorization, and Accounting. The difference between Authentication, Authorization, and Accounting is described below.

Authentication asks the question, "Who are you?"

Authentication is the process of identifying an individual, usually based on a username and password. Authentication involves password policies. Below are some examples of password policies:

• Minimum password length. Hackers often use bruit force methods to get access to a network. One bruit-force method is to keep trying different passwords until they hit upon one that works. For this reason, shorter passwords are harder to crack than longer ones.

• Prevent use of easy-to-guess passwords. You would be surprised how many people use passwords like "12345678", "abcdefgh" or common phrases like "hacker" or "superuser". These common passwords are the first thing a hacker tries in their bruit-force password cracking methods. For this reason, most systems require a password to meet a minimum level of complexity, like requiring them to contain upper- and lower-case letters and numbers.

• Password expiration. Eventually a hacker using bruit-force methods will gain access. However, if the target password keep changing, the hacker is going after a moving-target. This makes it much more difficult. Also, many times a hacker gains access but keeps such a low profile in the system that no-one knows hes there. Frequently changing the password takes his access away. many systems have a set expiration period that requires users to create new passwords.

• Prevent reuse of password. Thinking of unique passwords is difficult, so many people recycle their passwords. This helps keep the hacker's bruit-force method remain effective, and if changing the password has taken his access away, returning to the past one that he has cracked returns access to the hacker. Many systems store a password history and prevent a user from reusing a previous password.

Authorization asks the question, "What resources are you allowed to access?"

After the user has been authenticated through the username and password, authorization is the process of granting or denying a user access to specific network resources. Authorization to access specific network resources is usually controlled by group policy. For example users in the sales group are not allowed to access sensitive company financial information and user in the finance group not allowed to access proprietary engineering design information.

Accounting asks the question, "What did you do while you had access?"

Accounting is the process of keeping track of a user's activity while accessing network resources. Accounting involves logging which data files and which applications and services were accessed. How much time was spent accessing each resource and how much data was transferred during that time.

In addition to being used to detect hackers, auditing these logs is used for identifying network bottlenecks, capacity planning, trend analysis, and cost allocation.

Sometimes the words authentication, authorization, and accounting are used interchangeably, but they are actually different functions. Together they help to make a network more secure and reliable.

More Network Security Articles:
• How to Become a Professional Ethical Hacker
• What is a SQL Injection Attack?
• How Snort's Stealth TCP Port Scanning Works
• How to Protect Your Business From a Cyber Attack
• How to Tell if Someone is Lurking on Your Wireless Network
• The Role of Security Penetration Testers
• Network Security Across the Enterprise
• How a Firewall Provides Network Security
• Nessus Network Vulnerability Scanner
• Implementing a Secure Password Policy

RSS Feed RSS Feed


Follow Stephen Bucaro Follow @Stephen Bucaro


Computer Networking Sections

Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2017 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268