The AAA framework
Authentication is responsible for verifying the user’s identity – usually by checking whether the user possesses certain knowledge (such as a password), data (such as a cryptographic key or the correct seed for a time-based authentication algorithm), a physical item (such as a hardware key storage), or an attribute (such as a fingerprint).
Authorization is the process of checking whether the user that attempts to execute an action has permission to do so. Since in UNIX systems many entities, such as hardware devices and sockets, are represented as files, a lot of the time, file access permissions are used as an authorization framework.
Finally, the accounting process ensures that user actions are recorded so that it is possible to attribute actions to users, monitor user activity for anomalies, and investigate...