Beyond RBAC

Combined Session
Wednesday, May 10, 2023 17:30—18:30
Location: B 07-08

Enforcing Decentralized Authorization in a Multi-Platform API Landscape at Scale

Authorization (AuthZ) and Authentication (AuthN) go hand in hand in ensuring zero-trust in your system landscape. But while scaling identity can be done by centralizing it in an IAM solution, centralizing authorization is seldom a scalable solution. Increased latency, varying requirements and maintainability are all key reasons to want a more decentralized solution that can adapt and scale.

In this talk we will describe how to use Open Policy Agent (OPA) to achieve decentralized authorization in a multi-platform API landscape, including both modern and legacy platforms, while simultaneously ensuring centralized compliance controls and enforcement.

Michael Lind Mortensen
Bankdata
Michael is a leader in one of Denmark's biggest banking consortiums, Bankdata, managing zero-trust decentralized authorization for 8 member banks and 2000+ APIs. Michael has also been a board...

Modern Authorization Panel - Going Beyond RBAC

Every cloud-native application needs some form of access control. Most applications provide role-based access control (RBAC), which has limitations when it comes to enterprise scale and fine-grained access control.
Zero trust architectures require us to go further. Following the principle of least privilege, modern cloud apps can implement just-in-time authorization with fine-grained controls. With a fine-grained model, access rules can be defined on the application’s resources, often down to individual items. And a just-in-time model helps ensure the user has access to what they need, when they need it.

Two ecosystems are emerging around modern authorization: policy-as-code and policy-as-data. Open Policy Agent (OPA) brings a policy-as-code approach to fine-grained authorization, and Google’s Zanzibar is the best-known representative of the policy-as-data camp.
Join the panelists to discuss new developments in modern authorization, and compare the strengths and weaknesses of policy-as-code and policy-as-data as foundational models for a robust access control system.

Gert Drapers
Aserto
Gert Drapers is the co-founder and CTO of Aserto.com, leading technology implementation and strategy. A widely recognized expert in the data and developer space, Gert has built and operated various...
Anders Eknert
Styra
Anders Eknert has a long background in software development and security. Previously in his career, Anders focused primarily on identity systems. He has spent more recent years in the emerging...
Sebastien Faivre
Brainwave GRC
Sebastien is Chief Technical Officer and co-founder at Brainwave GRC, responsible for product vision, features and design. Sebastien is a seasoned Product Management expert with more than 20 years...
Benoit Grangé
Omada
Benoit brings over 25 years of experience in leading teams to build world-class products and services focused on delivering an exceptional customer experience and security. Benoit is a technology...
Michael Lind Mortensen
Bankdata
Atul Tulshibagwale
SGNL
Atul is a federated identity pioneer and the inventor of the Continuous Access Evaluation Protocol (CAEP), forming the basis of the Shared Signals and Events working group in the OpenID Foundation,...