Early-bird Discount
expires in
Register Now

Agenda

Enabling Fine Grained Authorization for Microservices with Standards

Enabling Fine Grained Authorization for Microservices with Standards

Combined Session
Friday, June 07, 2024 13:50—14:10
Location: B 07-08
Watch the video
Log in to download presentations

The proliferation of micro-services along with the changing threat landscape means it is no longer possible to rely on network segmentation to establish a secure permitter while allowing broad access between services inside the perimeter. As a result, we have to assume that the attackers are inside the perimeter and apply fine grained authorization at the microservice level to ensure least privilege access based on the context of each transaction. This context includes details of the transaction, the user, other services, or workloads in the call chain as well as the trust domains in which the services operate.

The good news is that there are two new complimentary standards being developed in the IETF OAuth working group that provide a standardised mechanism for preserving transaction context. The Transaction Tokens draft provides a mechanism for preserving context for fine grained authorization decisions within a trust domain, while Identity Chaining across Trust Domains provides a mechanism for preserving that context even when crossing trust boundaries. In this session we will provide an overview of these two emerging standards and describe how they are used to enable fine grained authorization in microservices.

Pieter Kasselman
Identity Standards Architect
Microsoft
Pieter Kasselman is a member of Microsoft's Identity Standards team where he focus on developing standards to address the most important problems in the field of identity. Pieter has over 25 years'...
Almost Ready to Join EIC 2024?
Reach out to our team with any remaining questions
Get in touch