AAAaaS - Authentication, Authorization and Accounting as a Service
AAAaaS is a software component that provides a set of libraries and tools for application developers in need of Authentication, Authorization and Accounting (AAA) services within the scope of their applications (e.g. to authenticate and authorize the end-users of that (or those) application(s).
These AAA services can be deployed and used directly by the software developer, per application or per application set. Eventually, they may also be provided “as-a-service” by an external entity – although this is not the expected usage model in the scope of EUBra-BIGSEA.
The software provides the general functionalities of traditional AAA and Identity and Access Management (IAM) services, including interfacing with external identity providers, but is deployable and manageable according with cloud principles such as scalability, elasticity and resilience: service instances are automatically deployed in line to the application needs; scale-up/scaledown operations are performed in reaction to workloads; and the lifecycle management is performed using cloud paradigms.
A key distinguishable feature of AAAaaS is the support for deployment and management according with cloud principles such as scalability, elasticity and resilience. The other features are similar to those provided by current
AAA toolkits. In practice:
- AAAaaS provides typical AAA and IAM services using cloud principles for deployment and lifecycle management.
- AAAaaS supports interfacing with external identity provider services.
- AAAaaS supports most relevant protocols for authentication, authorization and identity management.
- AAAaaS supports cloud-based deployment and management.
- AAAaaS is planned to be released as an open source contribution to the community.
Essential information for potential users
- AAAaaS only needs to be configured by the application developer.
- AAAaaS instances can be deployed per application (one application developer using it) or per application set (one or multiple application developers using it).
AAAaaS is being developed to be used in the EUBra-BIGSEA use cases. More specifically, it was designed to be used in scenarios where application developers need to use infrastructure-independent AAA and IAM services for their own applications. In the future, AAAaaS (or parts of it) may be made available to the community to be used in other contexts and other sectors.