The current state of cloud-native authorization
Year: 2023
Labels: cloud native, iam, authorization
The current state of cloud-native authorization
Speaker(s): Omri Gazitt
Video URL: https://www.youtube.com/watch?v=RVZpOEnQRVI
Summary: The talk highlights advancements in IAM and continuous challenges in the current state of access control. The speaker discusses a diverse landscape of authorization technologies and vendors - and brings up the important differences between anti-patterns (old-school) and best practices (modern approaches). The speaker represents Aserto, a cloud-native authorization as a service for developers.
Timestamps
00:00
- Introduction00:15
- Current state of IAM03:15
- Anti-patterns (old-school ways) vs Best Practices (modern ways)06:20
- Fine-grained Authorization09:25
- Policy-based Access Management10:45
- Real-time Access Checks12:30
- Vendor Landscape17:40
- Where is Aserto Positioned?19:00
- Outro
Key Takeaways
- Single sign-on (SSO) for SaaS applications is a largely solved problem, but access control remains problematic and complex.
- Lots of technologies, models and vendors in the authorization landscape. Navigating this ecosystem requires understanding different models and approaches.
- Modern best practices include: purpose-built authorization services, fine-grained access control, separation of authorization logic from application code, real-time access checks, and centralized decision logging.
- The speaker is from Aserto which is a modern authorization solution that aims to provide fine-grained, policy-based, real-time access control. It integrates easily with existing identity providers and development workflows. Aserto leverages the Topaz open-source project.