Remote Authentication Dial-In User Service (RADIUS) is a widely deployed system to provide authentication, authorization and accounting for network access. Originally, RADIUS was developed for dial-up remote access. Nowadays, RADIUS is used by many (wired and wireless) Internet service providers and end user organisations to provide secure Internet access.
When a user wants to get access to the Internet he will first have to give his users credentials (in most cases username and password) to a local RADIUS client. The RADIUS client passes this information to a RADIUS server. This server checks that the information is correct and then authorizes access.
Transactions between the client and RADIUS server are authenticated through the use of a shared secret, which is never sent over the network. The shared secret is used to secure the information that is transmitted between the client and the server. The shared secret is commonly configured as a text string on both the RADIUS client and the RADIUS server.
RADIUS is described in RFC 2865. RFC 2866 gives information about the use of RADIUS for accounting.