Authentication, Authorization, and Accounting (AAA)
What is Authentication, Authorization, and Accounting (AAA)?
Authentication, Authorization, and Accounting, or AAA, is a security framework used to verify identity, control access, and record activity so organizations can manage and monitor the use of systems and network resources.
Examples
- A user signs in to a remote access service with a username, password, and MFA code, is granted access only to approved internal applications, and has their session activity logged for review.
- A network device checks an administrator's identity through a central server, allows only read-only access based on role, and records every configuration command entered during the session.
Discover 🔎
Organizations need more than a simple login screen. They need a way to decide who someone is, what that person is allowed to do, and how to track what happened afterward. If any one of those pieces is missing, security becomes weaker. A user might get into the wrong area, an attacker might hide inside normal activity, or a team might struggle to investigate what happened during an incident.
That is why AAA matters. It brings together three related security functions into one model. First the system checks identity. Then it decides what access should be allowed. Finally, it records useful details about what took place. These three steps help turn access control from a loose idea into a managed process.
Summary 📝
AAA is a security framework that combines authentication, authorization, and accounting into one structured approach to access control. It helps organizations verify identity, limit permissions appropriately, and preserve useful records of activity. Its strength comes from treating access as a full process rather than a single login event.
Tip: The interactive version includes progress tracking, decks, and premium deep dives.