Centralized Access Control Administration

In a centralized access control administration, one group is controlling how subjects
access objects. This obligation usually falls upon the IT group and security
officers. They are responsible for configuring the systems that will enforce this
type of access control. The systems need to have at least a database of known users,
their credential sets, and allowed operations dictated by the access criteria.
The systems are used to identify, authenticate, and authorize users before access
to network resources is granted. The three types of centralized access control
technologies discussed are RADIUS,TACACS+, andDiameter. Each of these are
usually used when remote users need to access a corporate network either from a remote site, a home office, or for road warriors that access the network
through Internet Service Providers (ISPs).
These three centralized access control technologies are referred to as AAA
protocols, which stand for authentication, authorization, and auditing. They
provide the same overall functionality, but each has differences that would be
best used in different environments.