RADIUS stands for Remote Authentication Dial-in User Service. It is a network protocol that enables centralized authentication, authorization, and accounting regarding requests sent over a network. Leveraging the RADIUS protocol can be highly advantageous in the modern office, but how has a network protocol that was originally designed for dial-up internet managed to stay relevant? To answer this question, let’s take a look at the history and evolution of the RADIUS protocol.
Genesis and Development
It all began in 1987 when the National Science Foundation (NSF) released a bid to expand and support the national internet via the NSFnet, the foundation of what would become the internet we know and love today. Merit Network Inc., a nonprofit corporation hosted at the University of Michigan, had been developing a proprietary network protocol to connect universities throughout the state of Michigan for years and was awarded the contract from the NSF. Yet, their network had to be converted from their proprietary protocol to the IP based network of the NSFnet. Merit then solicited proposals from various vendors to develop a protocol that would support Merit’s dial in support needs. In 1991, a response was received from a company called Livingston Enterprises. Their proposal was a description of the RADIUS protocol. Merit awarded the contract to Livingston and the rest is history.
How Does the RADIUS Protocol Work?
RADIUS utilizes the client/server model. Requests for access are sent from a client to the RADIUS server for verification. The server receives requests as a package containing the client’s username, password, IP address and port then queries the database for matching credentials. Depending on the information received from the client, the server will then return an action to accept, reject, or challenge and will grant access to the requested service accordingly.
What core problem does it solve?
The proto-internet was largely based on proprietary protocols and was very exclusive. RADIUS was developed to replace the proprietary dial-in services with standard dial in servers in an effort to bring internet services to the public. RADIUS initially solved the problem of authentication, authorization, and accounting (AAA) (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/radius-history-evolution/