Where results make sense

About us   |   Why use us?   |   Reviews   |   PR   |   Contact us

[No title]   (Site not responding. Last check: 2007-09-08) The AAA server must be able to send updated authorization state information to the NAS during a session, such as "stop service", so as to limit the impact of fraud, and for other reasons. AAA may need to support both approaches and allow the operator to tune the reporting to suit their needs. AAA 11-11-99 Agenda Interim meeting Jan. 19-20 Probably CA, near RSA meeting Draft-arkko-acctrqlis-00 Jari Arkko [Slides] This document is based on same sources as NASREQ requirements, and used additional documents for methodology requirements. sunsite.utk.edu /ftp/usr-218-2/ietf/aaa/aaa-minutes-99nov.txt   (4681 words)

[No title] The AAA protocol MUST be able to detect a failure of the transport protocol to deliver a message or messages within a known and controllable time period, so it can engage retransmission or server fail-over processes. Authorization Protocol Requirements In all cases, the protocol MUST specify that authorization data sent from the NAS to the AAA server is to be regarded as information or "hints", and not directives. First, the AAA protocol MUST provide a means of selecting a protocol filter by reference to an identifier, with the details of the filter action being specified out of band. www.isi.edu /in-notes/rfc3169.txt   (4165 words)

RFC 2989 (rfc2989) - Criteria for Evaluating AAA Protocols for Network Acc Proxy A AAA proxy is an entity that acts as both a client and a server. Proxy Broker A Proxy Broker is a AAA entity that satisfies the definition of a Broker, and acts as a Transparent Proxy by acting as the forwarding agent for all AAA messages between the local ISP and the home domain's AAA servers. Object level confidentiality implies that only the target AAA entity for whom the data is ultimately destined may decrypt the data, regardless of the fact that the message may traverse one or more intermediate AAA entities (e.g., proxies, brokers). www.faqs.org /rfcs/rfc2989.html   (3338 words)

RFC 2903 (rfc2903) - Generic AAA Architecture Ideally the AAA server would have a rule based engine at this point which would know the logic rules and understand some generic information in the request, but it would not know anything about application specific information except where this information can be evaluated to give a boolean or numerical value. Instead there is a suite of protocols, and each one is optimized to solve the problems found at its layer of the AAA protocol stack hierarchy. Protocol Data Unit Types Each service layer defines a lexicon of protocol data units (PDUs) that communicate between the layer's peer processes the information that controls and/or monitors that service layer's distributed state and allows the service processes of that layer to perform their functions. www.faqs.org /rfcs/rfc2903.html   (6235 words)

RFC 2903 The interactions of the generic AAA server with the Application Specific Modules and with each other to realize complex AAA functions is explored in section 2. Because of the widespread deployment of equipment that implements legacy AAA protocols and the desire to realize the functionality of the new AAA protocol while protecting the investment in existing infrastructure, it may be useful to implement a AAA gateway function that can encapsulate legacy protocol data units within the messages of the new protocol. It is hoped that by using this generic model it will be feasible to design a AAA protocol that is "future proof", in a sense, because much of what we do not think about now can be encoded as application specific information and referenced by policy rules stored in a policy repository. library.n0i.net /rfc/html/rfc2903.html   (6103 words)

[No title] SIP is a signalling protocol for creating, modifying, and terminating different types of sessions, such as Internet phone calls, multimedia distribution, and multimedia conferences [1]. Protocol solutions are not required to satisfy requirements for services that they do not support. That is, the AAA server has to be able to check the end user's account for coverage for the requested service event charge before authorizing execution of that service event. www.freesoft.org /CIE/RFC/Orig/rfc3702.txt   (2917 words)

Glossary of Terms The AAA Server returns an Access-Challenge to the client when it is necessary to issue a challenge that the user must respond to. To the AAA server, it means the conditionally applicable set of attribute-value pairs that an AAA protocol, such as RADIUS, may support. Realms are only used by the AAA Server to determine where an authentication request should be sent and what kind of authentication to request, etc. Naming a realm with its domain name simplifies things for the users, since their access ids will then look the same as their e-mail addresses. docs.hp.com /en/T1428-90061/go01.html   (1790 words)

[No title] The aaa and aaas URI schemes This section defines the syntax of the "aaa" and "aaas" URI schemes using the augmented Backus-Naur Form (BNF) defined in RFC 2234 [RFC2234]. Both the "aaa" and the "aaas" URI schemes are used to identify resources related to authentication, authorization and accounting (AAA) functions that are accessed with AAA protocols such as RADIUS [RFC2865] or Diameter [RFC3588]. Garcia-Martin Expires November 1, 2004 [Page 4] Internet-Draft AAA URI May 2004 The use of the "aaas" URI is restricted by the support of TLS provided by the AAA protocol and the transport protocol. tools.ietf.org /wg/aaa/draft-ietf-aaa-uri/draft-ietf-aaa-uri-01   (1832 words)

[No title] A protocol submission that satisfies all the MUST, MUST NOT, SHOULD and SHOULD NOT requirements for its capabilities is said to be "unconditionally compliant"; one that satisfies all the MUST and MUST NOT requirements but not all the SHOULD or SHOULD NOT requirements for its protocols is said to be "conditionally compliant." Aboba, et al. Informational [Page 4] RFC 2989 Network Access AAA Evaluation Criteria November 2000 Local Proxy A Local Proxy is a AAA server that satisfies the definition of a Proxy, and exists within the same administrative domain as the network device (e.g., NAS) that issued the AAA request. Informational [Page 8] RFC 2989 Network Access AAA Evaluation Criteria November 2000 Clarifications [a] The AAA protocol must be capable of supporting millions of users and tens of thousands of simultaneous requests. www.isi.edu /in-notes/rfc2989.txt   (3742 words)

RFC 2989 A Local Proxy is a AAA server that satisfies the definition of a Proxy, and exists within the same administrative domain as the network device (e.g., NAS) that issued the AAA request. A Routing Broker is a AAA entity that satisfies the definition of a Broker, but is NOT in the transmission path of AAA messages between the local ISP and the home domain's AAA servers. A Proxy Broker is a AAA entity that satisfies the definition of a Broker, and acts as a Transparent Proxy by acting as the forwarding agent for all AAA messages between the local ISP and the home domain's AAA servers. library.n0i.net /rfc/html/rfc2989.html   (3273 words)

[No title]   (Site not responding. Last check: 2007-09-08) This limits the usefulness of IPsec in inter-domain AAA applications (such as roaming) where it may be desirable to define a distinct certificate hierarchy for use in a AAA deployment. In that sense, Diameter is a peer- to-peer protocol. Protocol Overview The base Diameter protocol may be used by itself for accounting applications, but for use in authentication and authorization it is always extended for a particular application. www.rpi.edu /AFS/campus/doc/rfc/authors/rfc3588-diff.html   (11848 words)

WG Review: Authentication, Authorization and Accounting (aaa)   (Site not responding. Last check: 2007-09-08) The purpose behind creating a general AAA protocol for the Internet is to create a common base protocol for a number of specific AAA applications. By creating a general base Protocol, the amount of work to create a specific AAA protocols will be reduced. A close second is to consider proposals of base protocols; ideally, the working group should be able to finalize requirements and review proposals during its second meeting. www.cctec.com /maillists/ietf/msg06122.html   (308 words)

DIAMETER This is the document that was submitted to the AAA WG as a formal submission of the Diameter protocol, and evaluates the protocol against the AAA requirements. This is the base protocol document, which describes the basic message formatting, AVP formats, hop-by-hop security, proxying, error reporting, etc. The document is specifically split into each of these sections. The base protocol is not used in isolation, but rather with at least one service specific application, such as Mobile IP or NASREQ. www.diameter.org   (554 words)

Cisco - Layer 2 Tunnel Protocol It is the server side of the L2TP protocol and must operate on any platform that terminates PPP sessions. Next we'll configure AAA to tell the LAC to use the local router configuration for tunnel authentication and authorization. The profile contains information for the domain (in this case isp.com), such as the IP address for the LNS (where the tunnel is going), the tunnel ID (in this case, sp_lac), the tunnel type, and the tunnel password. www.cisco.com /warp/public/cc/pd/iosw/tech/l2pro_tc.htm   (4009 words)

AAA protocol - Wikipedia, the free encyclopedia In computer security, AAA stands for authentication, authorization and accounting protocol. RFC 3169 Criteria for Evaluating Network Access Server Protocols This page was last modified 09:21, 20 April 2006. en.wikipedia.org /wiki/AAA_protocol   (304 words)

Try your search on: Qwika (all wikis)

About us   |   Why use us?   |   Reviews   |   Press   |   Contact us   Copyright © 2005-2007 www.factbites.com Usage implies agreement with terms.