What is IAAA in Cyber Security ? It means Identification, Authentication, Authorization and Accountability. It frame work for access control.
- Also called as Triple A model
- It is important concept to understand objectives of Cyber security.
Let see each of the term in detailed.
- Every user should be identified by unique ID
- You can say to identify Who are you
For Example : Username, Employee number, Login ID Etc.
- Need to protect identification of the user
- Somebody may use your system.
- Need to verify its you are not
- Here you need to prove Who are you.
Example: Multiple factor authentication like OTP.
- Privileges, what type of information he can access
- You can say access control and rights.
- Here What you can access and permissions you have
Example: Admin full access ( control)
Normal users: ready only, access is restricted.
- Auditing of logs
- Logs should be protected
- Actions performed by the user require to be traceable, who has done the particular activity.
Example: tracing of user activity : what action done by user?
If he does any wrong he will be responsible for such thing and can be questioned the same.
It is also called as Non-Repudiation.
Benefits of IAAA:
- Effective Network Management
- Effective Security Management
Summary of IAAA in Cybersecurity:
|Identification||Who are you|
|Authentication||Prove Who are you|
|Authorization||What you can access|
|Accountability||What you have done|
Hope you get information regarding What is IAAA in Cyber Security ?
Please do share your thoughts on this.