What is IAAA in Cyber Security ? It means Identification, Authentication, Authorization and Accountability. It frame work for access control.
- Also called as Triple A model
- It is important concept to understand objectives of Cyber security.
Let see each of the term in detailed.
Identification:
- Every user should be identified by unique ID
- You can say to identify Who are you
For Example : Username, Employee number, Login ID Etc.
Authentication:
- Need to protect identification of the user
- Somebody may use your system.
- Need to verify its you are not
- Here you need to prove Who are you.
Example: Multiple factor authentication like OTP.
Authorization:
- Privileges, what type of information he can access
- You can say access control and rights.
- Here What you can access and permissions you have
Example: Admin full access ( control)
Normal users: ready only, access is restricted.
Accountability:
- Auditing of logs
- Logs should be protected
- Actions performed by the user require to be traceable, who has done the particular activity.
Example: tracing of user activity : what action done by user?
If he does any wrong he will be responsible for such thing and can be questioned the same.
It is also called as Non-Repudiation.
Benefits of IAAA:
- Effective Network Management
- Effective Security Management
Summary of IAAA in Cybersecurity:
| Identification | Who are you |
| Authentication | Prove Who are you |
| Authorization | What you can access |
| Accountability | What you have done |
Hope you get information regarding What is IAAA in Cyber Security ?
Please do share your thoughts on this.
Thanks
