The present invention relates generally to the field of security keys and more particularly to a hybrid security key with isolated physical and logical attributes for remote Authentication, Authorization, and Auditing (AAA).
Security controls are safeguards or countermeasures to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets. A security controls system can have a physical layer, e.g. doors and locks, and a technical layer, e.g. user authentication and logical access controls.
AAA is a term for a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective electronic device management and security.
First, authentication provides a way of identifying a user, typically by having the user enter a valid user name and valid password before access is granted. The process of authentication is based on each user having a unique set of criteria for gaining access. The AAA device compares a user's authentication credentials with other user credentials stored in a database. If the credentials match, the user is granted access to the device. If the credentials are at variance, authentication fails and device access is denied.
Following authentication, a user must gain authorization for doing certain tasks. After logging into a device, for instance, the user may try to issue commands. The authorization process determines whether the user has the authority to issue such commands. Simply put, authorization is the process of enforcing policies: determining what types or qualities of activities, resources, or services a user is permitted. Usually, authorization occurs within the context of authentication. Once you have authenticated a user, they may be authorized for different types of access or activity.
The final plank in the AAA framework is auditing, which measures the resources a user consumes during access. This can include the amount of system time or the amount of data a user has sent and/or received during a session. Auditing is carried out by logging of session statistics and usage information and is used for authorization control, billing, trend analysis, resource utilization, and capacity planning activities.