Introduction

Access to resources, information or substantial data is not for everyone. Someone who requests access to such resources must be rightfully verified and authenticated. This is where the IAAA operation comes in.

IAAA, an abbreviation for Identification, Authentication, Authorizing, and Accounting, traces the whole process in access management. This enables specific individuals to access certain information or data to complete their work or task.

How does the IAAA Operation Work

Identification:

How would the computer recognize you? You can sign in to the account you created in a particular domain or computer through your user credentials (specifically username or ID). Regardless of where you are operating, you must have a defined username specific and unique to that domain or computer system.

Authentication:

This is where the main process of access management begins. Authentication is the act of proving something or someone to be truthful or safe. This process begins when you enter your password while signing in. For some systems, authentication does not stop there as the user has to pass several layers to prove their identity and have their motive be approved (e.g., multi-factor authentication). These two processes of identification and authentication complete the user credentials required to gain access to the server. If the credentials entered match the user information stored in the server storage, the end-user would be granted.

Authorizing:

Now that you have gained entry into the server after authentication, you and your identity must be authorized to access specific data and information. Some people tend to confuse authentication and authorization. They believe that everyone authenticated to have access to the domain or computer server means that they are authorized to access all the information and data present in the server. This is not so.

The system will verify if your credentials are authorized to perform specific actions or have a particular degree of access. If you are verified, you will be authorized. For instance, in email clients such as Gmail, one can send or receive an email but not change the website’s script or integrate more functions as the user is not authorized to do so.

Accounting:

This is the last part of the IAAA operation, which monitors all the resources and data accessed by the user. This function is also known as auditing. It records specific information about the user, such as the volume of data and resources gathered or downloaded, the total usage time, authorization control given, etc. Storing such data is important and advantageous in case the server gets exploited. These user data could then be studied to find the root cause of the cyber attack.