An AAA (Authentication, Authorization, and Accounting) server is a system that manages fundamental system access functions: Authentication, Authorization, and Usage, as well as their accounting. AAA servers work reciprocally with access and gateway servers to manage databases and directories of user data.
AAA servers control the traffic of the various network components and collect the connection data, accesses, addresses, services used and traffic duration. The security protocol generally used in AAA servers is RADIUS, which is a client-server based security protocol for authentication and network access authorization control. Authentication can be performed using various methods, such as public encryption methods like the Public Key Cryptography Standard( PKCS), digital certificates or the Microsoft CAPI.
As the term Authentication, Authorization, and Accounting (AAA) indicates, AAA servers support several steps. Incommunication, authentication ensures that the communication partner is who they say they are, protecting communication and computing systems from misuse. In authorization, the AAA server checks whether the user is authorized and may use the desired service. And accounting is about the billing that is charged to the user for using the service.
All transactions of a AAA server are accurately logged in order to detect authorization violations and to be able to generate usage-based billing.