Authentication

Authentication

The process of verifying the identity of a user or device.

Authorization

The process of determining what resources or actions an authenticated user is allowed to access.

Accounting

The process of tracking and logging user activity on a network.

AAA Framework

A security framework consisting of Authentication, Authorization, and Accounting.

Single Sign-On (SSO)

An authentication method that allows a user to log in once and access multiple systems.

Remote Authentication Dial-In User Service (RADIUS)

A centralized authentication protocol commonly used for VPN and wireless network access.

Lightweight Directory Access Protocol (LDAP)

A protocol used to access and manage directory services and store information about users, groups, devices, and network resources.

Directory Service

A centralized database that stores and organizes information about users, groups, devices, and network resources.

Security Assertion Markup Language (SAML)

An open standard that allows authentication and authorization information to be exchanged between systems, often to enable Single Sign-On (SSO).

Token

A digital credential issued after successful authentication that proves a user’s identity and permissions, allowing access to resources without repeatedly entering credentials.

Terminal Access Controller Access-Control System Plus (TACACS+)

A centralized AAA protocol used to authenticate, authorize, and account for administrative access to network devices.

Multi-Factor Authentication (MFA)

A security method that requires two or more authentication factors.

Time-Based One-Time Password (TOTP)

An authentication method that grenerates a temporary one-time code based on the current time, typically through an authenticator app.

Authentication Factor

A category of credentials used for authentication, such as something you know, have, are, or where you are.