AAA (Authentication, Authorization, and Accounting) is a model for access control.

Authentication

Authentication is proving who you are. Authentication answers the question Who is this person?

Authentication is the first component of the AAA (Authentication, Authorization, and Accounting) model for access control.

Authentication must precede Authorization, because you must prove who you are before the identity management system can determine what you are authorized to do.

Authentication is traditionally accomplished using passwords. More secure authentication technologies include two factor authentication and biometrics.

Authorization

Authorization is defining what you are allowed (and not allowed) to do. Authorization answers the question What is this person authorized to do?

Authorization is the second component of the AAA (Authentication, Authorization, and Accounting) model for access control.

Authorization must follow Authentication, because before the identity management system can determine what you are authorized to do, it must first determine who you are.

Authorization systems are becoming increasingly granular. Early authorization systems would allow or disallow users access to specific computing systems. Modern authorization systems are able to allow or disallow access to specific menu items or database cells.

Accounting

Accounting is the process of keeping track of the changes a user implemented in a computing system. Accounting answers the question What did this person do?

Accounting is the third component of the AAA (Authentication, Authorization, and Accounting) model for access control.

Accounting systems are becoming increasingly granular. Early accounting systems would record access to specific computing systems. Modern accounting systems are able to record access to specific menu items or database cells.