RFC 2903 (rfc2903) - Page 2 of 26

Generic AAA Architecture

Alternative Format: Original Text Document
< Previous
Next >
RFC 2903                Generic AAA Architecture             August 2000


Table of Contents

   1. Introduction ................................................  2
   2. Generic AAA Architecture ....................................  4
      2.1. Architectural Components of a Generic AAA Server .......  4
           2.1.1. Authorization Rule Evaluation ...................  4
           2.1.2. Application Specific Module (ASM) ...............  5
           2.1.3. Authorization Event Log .........................  6
           2.1.4. Policy Repository ...............................  6
           2.1.5. Request Forwarding ..............................  6
      2.2. Generic AAA Server Model ...............................  6
           2.2.1. Generic AAA Server Interactions .................  7
           2.2.2. Compatibility with Legacy Protocols .............  7
           2.2.3. Interaction between the ASM and the Service .....  9
           2.2.4. Multi-domain Architecture ....................... 10
      2.3. Model Observations ..................................... 10
      2.4. Suggestions for Future Work ............................ 11
   3. Layered AAA Protocol Model .................................. 12
      3.1. Elements of a Layered Architecture ..................... 14
           3.1.1. Service Layer Abstract Interface Primitives ..... 14
           3.1.2. Service Layer Peer End Point Name Space ......... 14
           3.1.3. Peer Registration, Discovery, and Location
           Resolution ............................................. 14
           3.1.4. Trust Relationships Between Peer End Points ..... 14
           3.1.5. Service Layer Finite State Machine .............. 15
           3.1.6. Protocol Data Unit Types ........................ 15
      3.2. AAA Application Specific Service Layer ................. 15
      3.3. Presentation Service Layer ............................. 16
      3.4. AAA Transaction/Session Management Service Layer ....... 17
      3.5. AAA-TSM Service Layer Program Interface Primitives ..... 20
      3.6. AAA-TSM Layer End Point Name Space ..................... 21
      3.7. Protocol Stack Examples ................................ 22
   4. Security Considerations ..................................... 22
   Glossary ....................................................... 23
   References ..................................................... 24
   Authors' Addresses ............................................. 24
   Full Copyright Statement ....................................... 26

1.  Introduction

   The work for this memo was done by a group that originally was the
   Authorization subgroup of the AAA Working Group of the IETF.  When
   the charter of the AAA working group was changed to focus on MobileIP
   and NAS requirements, the AAAarch Research Group was chartered within
   the IRTF to continue and expand the architectural work started by the
   Authorization subgroup.  This memo is one of four which were created
   by the subgroup.  This memo is a starting point for further work
   within the AAAarch Research Group.  It is still a work in progress



de Laat, et al.               Experimental
< Previous
Next >