A system and method that allows a device to complete a single complete authentication sequence to a AAA server resulting in as many secure sessions required for the different applications or subsystems determined by the client's identity and the AAA server's policy. As the device is authenticated, it is determined where there are other sessions for the device. The sessions are established by generating unique new keying material that is passed to each session. This can be accomplished by (a) the authenticator or AAA server issuing the keys and distributing them to both the supplicant and applications (via their authenticators); or (b) authenticator or the AAA server mutually generating the session unique keys with the supplicant that are then distributed to the applications (via their authenticators).