AAA Made Easy, and the Impact on IoT
The Internet of Things (IoT) connects people, machines and information seamlessly, allowing data transfers unburdened by the need for human involvement. From heart monitors to rear view cameras, IoT integrations are an increasingly common part of our daily lives. With applications ranging from mundane (the temperature setting on a smart toaster) to critical (the fall detection setting on an Apple Watch), safeguards to protect the data streaming constantly from devices around the world are essential.
Authentication-Authorization-Accounting (AAA) allows for smart technologies to interact across a variety of industries, while following business rules and logic algorithms installed at the device level. Let's review the individual components that comprise AAA in order to fully understand the vital role they play.
Otherwise known as device identity, authentication serves as the first line of defense in securing end user encryption. It's akin to a security guard manning a gate that you need to pass through. Commonly used protocols, such as username and password registry, allow AAA servers to authenticate the information entered by the user to credentials stored in a database. When the credentials match, the user is allowed on the network.
Think of authorization protocols as the police service of AAA. They follow a series of algorithms to determine the information, resources and activities users are allowed access to. Conversely, authorization protocols prevent access to data, based on individual user permissions.
If authentication is the security guard and authorization is the police, think of the accounting portion of AAA as, well…the accountant. Logging, measuring and tracking the resources consumed while accessing the network, data collected is used for everything from trend analysis to resource utilization and billing.
Interactions of AAA
Authentication can be utilized separately, or with both authorization and accounting. Authorization always requires authentication first (one still has to get past the guard at the security gate, to continue the comparison) and accounting can also be accessed alone.
The rise of 5G and wealth of data accessed by devices today has required increased AAA interface. The "Fourth Industrial Revolution'"(also known as 4IR) sees integrated hardware, system and software functionality.
Paul A. Eisenstein in a piece for Forbes, details the interactivity of man and robot on Hyundai Motor Group assembly lines, with the literal heavy lifting now done by autonomous machines. Safeguards to protect end user data, logistics controls designed to ensure efficient automation and a host of other tasking directives rely on server-based AAA protocols.
Understanding TACACS+ and Radius servers
Access Control Servers (ACS) are designed to centralize and manage AAA. They act as a midpoint between the end user and the AAA process. Two varying protocols are used to facilitate this integration: TACACS+ and Radius.
Train by Dotifi explains the difference between the two protocols. TACACS+, developed by Cisco Systems, Inc., is generally regarded as the more reliable due to the use of TCP port 49. TCP is one of the two main ways to transmit data via TCP/IP networks, with UDP being the other. Radius is beneficial, seeing as it is not proprietary Cisco property, and can be used with other vendors. Either ACS server enables a litany of IoT tech to send protected data with AAA functionality.
Perle offers AAA solutions
Regardless of your AAA needs, Perle has you covered. From LTE Routers with support for TACACS+ and Radius to Industrial Switches offering AAA security services, Perle has an array of tech designed with the express purpose of delivering data securely. Read more about how Perle is using AAA security for networking equipment here.