Talk:AAA (computer security)

Suggest rename of Article
AAA Protocols are a *family* of protocols, including Diameter, RADIUS, etc. Having the "AAA" page lead off with "The Diameter protocol.." is wrong.

Diameter should gave it's own page. RADIUS should have it's own page. AAA should have it's own page which explains the general idea of AAA protocols, and which points to both the RADIUS and Diameter pages.

I say this as someone who's worked with RADIUS for over 20 years, and Diameter from before it existed as a standard protocol. I've tried making these changes in the past, and they've always been reverted. So far as I can tell, by people who don't use RADIUS or Diameter, and who know nothing about them.

Alandekok —Preceding undated comment added 12:49, 15 September 2017 (UTC)

Protocol?
Is AAA itself a protocol? Isn't it more the methodology used to authenticate, etc., using protocols such as RADIUS or TACACS+? --Diogenes00 23:40, 2 June 2006 (UTC)

Agreed
Neither a protocol nor a classification of protocols. Plain speech, please. AAA is a model used to describe three commonly associated aspects of the concept "Access Control".

Princeton WordNet definition: http://wordnetweb.princeton.edu/perl/webwn?s=protocol

Jeffp231 (talk) 20:21, 2 September 2010 (UTC)


 * Agreed Bezanson (talk) 22:47, 8 March 2016 (UTC)

Suggest rename of Article
It's a classification of protocols rather than a particular one. Maybe renaming the page to "AAA protocols" or "Authentication, Authorization and Accounting" makes better sense.

Suggest "AAA (information technology)"
Protocols implies the same thing as Protocol, IMHO. I like the heading of AAA with the (information technology) byline. That should help distinguish it from abdominal aortic aneurysm, the American Automobile Association, and Triple-A baseball.

Jeffp231 (talk) 20:39, 2 September 2010 (UTC)
 * Alternately, my suggestion is "AAA Model" or "AAA Model (Information Technology)." In computing, protocols are things like TCP/IP, HTTP, SSH, etc. dafydd (talk) 14:32, 9 April 2013 (UTC)

Suggest "AAA - Authentication, Authorization and Accounting (Computer Security)"
Since this is a topic that pertains to Computer Security/Information Security/Cybersecurity more than "Information Technology". This page contains general AAA related information, of which "Diameter" is a solution and this page is also linked/redirected by AAA_Protocol and AAAA_Protocol. The page mentioned for merging, https://en.wikipedia.org/wiki/Diameter_(protocol), is about the Diameter protocol from a technical level and that page should stay that way. Bezanson (talk) 22:46, 8 March 2016 (UTC)

Authorisation is not the same as Access Control
I dispute that "Authorisation" should be called Access Control. Authorisation is the granting of authority to perform some action, which may or may not involve access to a resource. Access control is a narrower concept, the implementation of an particular kind of authorisation policy. Access control is the mechanism that permits or denies access to resources according to the authorities granted to an authenticated identity.

In computing and communications this may be effectively coincident with authorisation, when most authorisations are about allowing access to something. But the principles of AAA can be applied in wider contexts, so it is a distinction worth maintaining. Swiveler (talk) 01:49, 5 February 2010 (UTC)

Agreed
Authorization is 'Permission' or 'Rights'. Authorization IS NOT Access Control.

Access control is a methodology that can include Authorization/Authorisation if needed, (depends on which side of the pond you're on) depending on the requirements given for the Access Control solution.
 * If you don't care WHAT people do, so long as you know WHO THEY ARE and WHEN THEY LOGON, you only need Authorization and Auditing.
 * If you absolutely must know WHAT was done and WHEN, but you don't care WHO did the deed, you drop Authentication and add Authorization, retaining Auditing.

Jeffp231 (talk) 20:28, 2 September 2010 (UTC)

Usage of AAA servers in LDAP networks - Section name incorrect?
LDAP is in the heading but never again refer to. Should it not be CDMA networks? Also, LDAP is a protocol, not a network by itself.