aaa計費請求_什麼是AAA(身份驗證,授權和計費)?
aaa計費請求
AAA or Authentication, Authorization and Accounting is a term used to describe 3 functions in IT. Mainly AAA is used to control access to different IT resources like network, service, server, etc. AAA simply consists of 3 steps where each completes others for perfect security.
AAA或Authentication, Authorization and Accounting
什麼是身份驗證? (What Is Authentication?)
Authentication is the process of identifying a user or party. In a simple way validating the user with generally user-provided data which is generally a username and password. For example, during the login of the Gmail, we will require to put the correct and existing username and password for authentication. Authentication is also important for security where without identifying users there will be no security and related restrictions. There are also different authentication methods like certification, public/private keys, tokens, images, etc. Authentication generally requires a single method to pass but recently multiple authentication methods can be used for a single authentication which is generally called 2-factor authentication or multi-factor authentication.
Authentication是識別使用者或參與方的過程。 以一種簡單的方式使用通常由使用者提供的資料(通常是使用者名稱和密碼)來驗證使用者。 例如,在登入Gmail時,我們將要求輸入正確和現有的使用者名稱和密碼進行身份驗證。 身份驗證對於安全性也很重要,因為如果不標識使用者,就不會有安全性和相關限制。 也有不同的身份驗證方法,例如證書,公鑰/私鑰,令牌,影象等。身份驗證通常需要通過一種方法,但是最近,可以將多種身份驗證方法用於一種身份驗證,通常稱為兩要素身份驗證或多因素身份驗證。因素認證。
什麼是授權? (What Is Authorization?)
The second step for AAA is Authorization
AAA的第二步是Authorization 。 使用者通過身份驗證後,應根據其許可權進行授權。 低階使用者不應具有高級別或管理員級特權。 授權將嚴格指定和設定經過身份驗證的使用者許可權。 授權通常使用特權級別,其中將授權使用者置於特權級別或使用者組中,例如使用者,編輯者,主持人,超級使用者,管理員,以便以簡單易用的方式管理使用者許可權。
什麼是會計? (What Is Accounting?)
When the user is authenticated and authorized successfully it is entered into the system or provided resource. The user will use resources, networks, systems, or services according to the provided privileges. While using these resources the user access is logged and stored which is called as Accounting in order to track user usage.
成功驗證和授權使用者後,會將其輸入系統或提供的資源。 使用者將根據提供的特權使用資源,網路,系統或服務。 在使用這些資源時,將記錄並存儲使用者訪問許可權,這稱為“ Accounting ,以便跟蹤使用者使用情況。
TACACS和AAA (TACACS and AAA)
Tacacs or Tacacs+ is an AAA protocol that is created by Cisco in order to use its network-based products. Tacacs is the first generation of the protocol where Tacacs+ is a next-generation AAA protocol with advanced features.
Tacacs或Tacacs +是Cisco建立的AAA協議,以使用其基於網路的產品。 Tacacs是該協議的第一代,其中Tacacs +是具有高階功能的下一代AAA協議。
RADIUS和AAA (RADIUS and AAA)
Radius is another AAA protocol that provides very similar features and services to the Tacacs. Radius is an open standard and widely used protocol that is defined with RFCs.
Radius是另一個AAA協議,提供與Tacacs非常相似的功能和服務。 Radius是使用RFC定義的開放標準和廣泛使用的協議。
LDAP和AAA (LDAP and AAA)
LDAP is another popular protocol that provides authentication and authorization which is related to the AAA. As a popular protocol LDAP provides authentication and authorization in an open way which is supported by a lot of different devices, systems, and software. LDAP stores the user information like username, id, password, home path, certificate, etc. and check the authentication with the provided credentials and returns the result. LDAP also provides authorization information for users.
LDAP是另一個流行的協議,它提供與AAA相關的身份驗證和授權。 LDAP作為一種流行的協議,以開放的方式提供認證和授權,許多不同的裝置,系統和軟體都支援LDAP。 LDAP儲存使用者資訊,例如使用者名稱,ID,密碼,家庭路徑,證書等,並使用提供的憑據檢查身份驗證並返回結果。 LDAP還為使用者提供授權資訊。
翻譯自: https://www.poftut.com/what-is-aaa-authentication-authorization-and-accounting/
aaa計費請求