AAA
AAAとは、認証認可アカウント(課金)処理
Sometimes referred to as "triple-A" or just AAA, authentication, authorization, and accounting represent the "big three" in terms of IP based network management and policy administration.
Authentication provides a vehicle to identify a client that requires access to some system and logically precedes authorization. The mechanism for authentication is typically undertaken through the exchange of logical keys or certificates between the client and the server.
Authorization follows authentication and entails the process of determining whether the client is allowed to perform and/or request certain tasks or operations. Authorization is therefore at the heart of policy administration.
Accounting is the process of measuring resource consumption, allowing monitoring and reporting of events and usage for various purposes including billing, analysis, and ongoing policy management.
Why is AAA Important?
AAA is a fundamental aspect of IP networking. As mobile IP technology expands to enable a multitude of mobile, Internet-enabled devices, AAA servers will provide the means of administering policy to ensure proper use and management of resources. In a specific example, GSM location service (LCS) standards specify that the Gateway Mobile Location Center (GMLC) must administer AAA policy towards any LCS client that requests location information.
In a more generic IT example, a AAA policy server would interact with network access and gateway servers, databases, and directories to provide policy direction to any mobile IP device that requests access or information within a virtual private network environment.
AAA Standards and Administration
AAA may be administered based on the agreed upon standards for communication and processing. In the preceding example, the LCS client must send the appropriate information over the API, allowing the GMLC to apply AAA policy.
In a more generic IT example, many remote computer access servers utilize the RADIUS (Remote Authentication Dial-In User Service) protocol. However, with the potential multitude of remote computing devices enabled by mobile IP, a new protocol called DIAMETER is being developed by the IETF to better support the mobile IP environment.
Sometimes referred to as "triple-A" or just AAA, authentication, authorization, and accounting represent the "big three" in terms of IP based network management and policy administration.
Authentication provides a vehicle to identify a client that requires access to some system and logically precedes authorization. The mechanism for authentication is typically undertaken through the exchange of logical keys or certificates between the client and the server.
Authorization follows authentication and entails the process of determining whether the client is allowed to perform and/or request certain tasks or operations. Authorization is therefore at the heart of policy administration.
Accounting is the process of measuring resource consumption, allowing monitoring and reporting of events and usage for various purposes including billing, analysis, and ongoing policy management.
Why is AAA Important?
AAA is a fundamental aspect of IP networking. As mobile IP technology expands to enable a multitude of mobile, Internet-enabled devices, AAA servers will provide the means of administering policy to ensure proper use and management of resources. In a specific example, GSM location service (LCS) standards specify that the Gateway Mobile Location Center (GMLC) must administer AAA policy towards any LCS client that requests location information.
In a more generic IT example, a AAA policy server would interact with network access and gateway servers, databases, and directories to provide policy direction to any mobile IP device that requests access or information within a virtual private network environment.
AAA Standards and Administration
AAA may be administered based on the agreed upon standards for communication and processing. In the preceding example, the LCS client must send the appropriate information over the API, allowing the GMLC to apply AAA policy.
In a more generic IT example, many remote computer access servers utilize the RADIUS (Remote Authentication Dial-In User Service) protocol. However, with the potential multitude of remote computing devices enabled by mobile IP, a new protocol called DIAMETER is being developed by the IETF to better support the mobile IP environment.
2006年07月15日(土) 14:20:34 Modified by wseb