Infosec glossary entry

AAA

AAA:
Authentication, Authorization, and Accounting
aka. 3A

AAA refers to a framework used in network security and access control that encompasses three key components: Authentication, Authorization, and Accounting. Authentication is the process of verifying the identity of a user or device, ensuring that they are who they claim to be. This can involve various methods, such as passwords, biometrics, or security tokens. Once a user is authenticated, Authorization determines what resources or services the user is allowed to access, essentially granting permission based on predefined policies or roles.

Accounting, the third element of the AAA framework, involves tracking and recording user activities and resource usage within a system. This includes logging actions taken by users, which can be essential for compliance, auditing, and security monitoring. Together, these three components form a comprehensive approach to managing user access and maintaining security within information systems, especially in contexts like Security Operations Centers (SOC) where monitoring and compliance are critical.

is an architectural framework for configuring a set of three independent security functions in a consistent manner. AAA provides a modular way of performing authentication, authorization, and accounting services. https://www.cisco.com/c/en/us/td/docs/routers/access/cisco_router_and_security_device_manager/24/software/user/guide/AAA.pdf

By jean-christoph

March 5, 2022

accounting, authentication, authorization
Leave a Comment

this might interest you as well

Lessons from Sun Tzu’s “The Art of War” in Cybersecurity: Timeless Wisdom or Outdated Tactics?

Introduction Sun Tzu’s "The Art of War" is a legendary strategic treatise written more than 2,500 years ago. Its enduring principles of warfare strategy have transcended military boundaries, influencing disciplines from business management to competitive sports. In today’s digital age, its relevance is increasingly apparent in the cybersecurity landscape, particularly for CISOs of medium-sized enterprises,

Read More

Ransomware Resilience Starts in the Mind: Overcoming Cognitive Biases and Decision-Making Errors in Cybersecurity

Why We Keep Losing Despite Stronger Security Controls Over the past three years, businesses have almost doubled their confidence in cybersecurity—rising from 32% in 2021 to 54% in 2024 (The Global Cost of Ransomware Study, 2025). Despite this, ransomware’s impact has only grown: 40% of affected companies suffered significant revenue losses, 58% experienced operational downtime,

Read More

AI Cyber Security 2025: Key Threats and Essential Strategies for Your Business

Artificial Intelligence is transforming businesses and industries worldwide, but with this transformation comes unprecedented challenges. The recent launch of Cisco AI Defense, a specialized AI security solution, highlights the urgency of securing AI applications. According to Cisco, only 29% of enterprises feel fully prepared to detect and prevent unauthorized manipulations of AI systems. This low

Read More