1.2 Authentication, Authorization, and Accounting

Question 1

What 4 points make up the AAA Framework?

Answer 1

• Identification
  – This is who you claim to be
  – Usually your username
• Authentication
  – Prove you are who you say you are
  – Password and other authentication factors
• Authorization
  – Based on your identification and authentication,
  what access do you have?
• Accounting
  – Resources used: Login time, data sent and
  received, logout time

Question 2

Authenticating Systems

Answer 2

• You have to manage many devices
  – Often devices that you’ll never physically see
• A system can’t type a password
  – And you may not want to store one
• How can you truly authenticate a device?
  – Put a digitally signed certificate on the device
• Other business processes rely on the certificate
  – Access to the VPN from authorized devices
  – Management software can validate the end device

Question 3

Certificate Authentication

Answer 3

• An organization has a trusted Certificate Authority (CA)
  – Most organizations maintain their own CAs
• The organization creates a certificate for a device
  – And digitally signs the certificate with the organization’s CA
• The certificate can now be included on a device as an
  authentication factor
  – The CA’s digital signature is used to validate the certificate