IT systems must manage users and control access privileges to protect sensitive resources. This function is usually implemented in enterprise networks through authentication (verification of identity), authorization (control of access privileges) and accounting (recording of actions for auditing)—an “AAA” security framework.