The current state of cloud-native authorization

Speaker(s): Omri Gazitt

Video URL: https://www.youtube.com/watch?v=RVZpOEnQRVI

Summary: The talk highlights advancements in IAM and continuous challenges in the current state of access control. The speaker discusses a diverse landscape of authorization technologies and vendors - and brings up the important differences between anti-patterns (old-school) and best practices (modern approaches). The speaker represents Aserto, a cloud-native authorization as a service for developers.

Timestamps

• 00:00 - Introduction
• 00:15 - Current state of IAM
• 03:15 - Anti-patterns (old-school ways) vs Best Practices (modern ways)
• 06:20 - Fine-grained Authorization
• 09:25 - Policy-based Access Management
• 10:45 - Real-time Access Checks
• 12:30 - Vendor Landscape
• 17:40 - Where is Aserto Positioned?
• 19:00 - Outro

Key Takeaways

• Single sign-on (SSO) for SaaS applications is a largely solved problem, but access control remains problematic and complex.
• Lots of technologies, models and vendors in the authorization landscape. Navigating this ecosystem requires understanding different models and approaches.
• Modern best practices include: purpose-built authorization services, fine-grained access control, separation of authorization logic from application code, real-time access checks, and centralized decision logging.
• The speaker is from Aserto which is a modern authorization solution that aims to provide fine-grained, policy-based, real-time access control. It integrates easily with existing identity providers and development workflows. Aserto leverages the Topaz open-source project.