Remote Authentication Dial-In User Service (RADIUS), also known as RADIUS Authenticaion Server, was originally developed to provide centralized authentication, authorization, and accounting for dial-up access to a network. Now it supports many kinds of remote, authenticated access including VPNs, wireless and DSL.
The development of this protocol has been driven by a mobile workforce and the need for partners and consultants to access information in the enterprise. These requirements have forced companies to offer a variety of inexpensive options for access over telephone lines and open networks.
A RADIUS client--for example, a wireless access point--sends a request with credentials on behalf of the entity that wants a connection to a RADIUS server. The server authenticates the client using a shared secret and authorizes the connection. Once this is done, typically, the user has all of the rights and privileges that they would have sitting at a desk in the company’s home office.