In the AAA security model, what does 'Authentication' refer to?

In the AAA security model, 'Authentication' specifically refers to the process of establishing proof that a subject—be it a user, device, or system—is who they claim to be. This is a critical step in security management as it involves verifying credentials such as passwords, biometrics, or tokens before granting access to resources. Authentication ensures that only legitimate users or entities can access sensitive systems, thus laying the foundation for building secure environments.

The focus of authentication on identity verification sets it apart from the other components of the AAA model. For instance, monitoring actions of a subject pertains to 'Accounting,' which tracks activities, while specifying actions that a subject is allowed to perform relates to 'Authorization,' defining what an authenticated subject can or cannot do. Reviewing access logs is also part of the accounting process, which helps in auditing user activities but does not contribute to the authentication process itself.