[ad_1]
RADIUS is a network protocol for authentication, authorization, and accounting between a client and network service. It’s used on untrusted systems, like the Internet, to manage communication through AAA. The protocol verifies identity, determines access parameters, and monitors usage for billing purposes.
RADIUS (Remote Authentication Dial In User Service) is a network protocol that handles authentication, authorization, and accounting (AAA) between a client and a network service. This means that the protocol will determine if a client is legitimate, determine what kind of access that client has, and then monitor that client while connected to the network. In most cases, a user will have no control over the Remote Authentication Dial In User Service protocol running on their computer, and the server operators have very little control over theirs. The whole process is automatic when used.
Typically, the RADIUS protocol is common on large systems with untrusted users or when moving between networks of untrusted users. On a network, two computers establish trust with each other to facilitate communication. When two computers trust each other, they can send information back and forth with little extra overhead. When they don’t trust, there are several stages of authentication and verification used at each stage of the communication.
Untrusted systems and users are more common on the Internet than anywhere else. Within an office building, school or home, computers trust each other and communication is very easy. On the Internet, multiple computers may need to access the same machine at the same time. These computers may trust the machine they are accessing, but they don’t trust each other. This circumstance is especially common on an Internet Service Provider (ISP) server when a local machine acquires domain information or email.
When two different ISPs have to send information back and forth from their respective areas, there is rarely any trust. These large untrusted systems use the Remote Authentication Dial In User Service protocol to get everything running smoothly without having to constantly check for untrusted system activity. The protocol manages the whole process through AAA.
Authentication is the first step used by the Remote Authentication User Dial Service. This step verifies that the untrusted computer or system is who it says it is. There are several ways to do this, but individual users typically provide user information and large systems provide security certificates.
The next step of the Remote Authentication Dial In User Service protocol is authorization. The main point of this step is to determine the parameters by which the two untrusted systems can communicate. This tells the connecting system exactly what it can and cannot do and how long it can stay connected.
The last step of RADIUS is accounting. This step has a dual purpose. First, it tells the host system exactly what the connected system is doing via periodic messages. Second, it sends information containing the exact time the connection was opened and the exact time it was closed. This is typically done for billing purposes between network owners.