In existing broadband/mobile network, an Authentication, Authorization and Accounting (“AAA”) server is used to provide a server program (such as protocol), that manages user requests in accessing computer resources and provides Authentication, Authorization and Accounting services.
The AAA server typically interacts with servers and databases for obtaining user information, such as Relational Database Management Systems (RDBMS) in which the data and the relationship between the data is stored in the data management system in tables, or such as Lightweight Directory Access Protocol (LDAP) servers, which index the data in their entries and queries for specific required data.
The interaction between the AAA server and other servers and databases is by a query language, such as LDAP or SQL which receive Remote Authentication Dial-In User Service (RADIUS) requests, process them and return responses.
User devices or applications also communicate with AAA servers, typically through RADIUS. However, other AAA protocols for interacting with the AAA servers are also in use, such as Diameter, TACACS, TACACS+, NIS and NIS+.
Authentication includes the process of identifying the user and associating a digital identity of one entity with another entity, for example associating a client with a user via a password.
Based on the Authentication, Authorization is carried out. During the authorization process, entitlements of the user are defined, such as policy or privileges.
Accounting keeps track of the consumption of network resources by users. The type of information that is gathered in accounting includes, for instance, the billing identity or, session/service hierarchy. Other information which can be gathered includes inter-alia the user's identity, and the nature and duration of the services which are being provided to the user.