Editing RADIUS (section)

{{Short description|Authentication networking protocol}}
{{About|an authentication networking protocol||Radius (disambiguation)}}
{{more citations needed|date=April 2015}}
{{IPstack}}

'''Remote Authentication Dial-In User Service''' ('''RADIUS''') is a networking protocol that provides centralized authentication, authorization, and accounting ([[AAA_(computer_security)|AAA]]) management for users who connect and use a network service. RADIUS was developed by [[Livingston Enterprises]] in 1991 as an access server authentication and accounting protocol. It was later brought into [[IEEE 802]] and [[Internet Engineering Task Force|IETF]] standards.

RADIUS is a [[client/server]] protocol that runs in the [[application layer]], and can use either [[Transmission Control Protocol|TCP]] or [[User Datagram Protocol|UDP]]. [[Network access server]]s, which control access to a network, usually contain a RADIUS client component that communicates with the RADIUS server.<ref name="ciscohow" /> RADIUS is often the [[Back-end database|back-end]] of choice for [[802.1X]] authentication.<ref name="Brown2006">{{cite book|author=Edwin Lyle Brown|title=802.1X Port-Based Authentication|url=https://books.google.com/books?id=nlbrC3KLvCAC&pg=PA17|year=2006|publisher=Taylor & Francis|isbn=978-1-4200-4465-2|page=17}}</ref> A RADIUS server is usually a [[background process]] running on [[UNIX]] or [[Microsoft Windows]].<ref name="ciscohow">{{cite web |url=http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800945cc.shtml |title=How Does RADIUS Work? |publisher=[[Cisco]] |date=2006-01-19 |access-date=2009-04-15}}</ref>

The Blast-RADIUS attack breaks RADIUS when it is run on an unencrypted transport protocol like UDP.<ref name="Blast-RADIUS">{{cite web |url=https://www.blastradius.fail/ |title=Blast-RADIUS |author=<!--Not stated--> |date=July 9, 2024 |website= |publisher= |access-date=July 10, 2024 |quote=}}</ref>