Tech Talks Digest

The current state of cloud-native authorization

Year: 2023

Labels: cloud native, iam, authorization

The current state of cloud-native authorization

Speaker(s): Omri Gazitt

Video URL: https://www.youtube.com/watch?v=RVZpOEnQRVI

Summary: The talk highlights advancements in IAM and continuous challenges in the current state of access control. The speaker discusses a diverse landscape of authorization technologies and vendors - and brings up the important differences between anti-patterns (old-school) and best practices (modern approaches). The speaker represents Aserto, a cloud-native authorization as a service for developers.

Timestamps

  • 00:00 - Introduction
  • 00:15 - Current state of IAM
  • 03:15 - Anti-patterns (old-school ways) vs Best Practices (modern ways)
  • 06:20 - Fine-grained Authorization
  • 09:25 - Policy-based Access Management
  • 10:45 - Real-time Access Checks
  • 12:30 - Vendor Landscape
  • 17:40 - Where is Aserto Positioned?
  • 19:00 - Outro

Key Takeaways

  • Single sign-on (SSO) for SaaS applications is a largely solved problem, but access control remains problematic and complex.
  • Lots of technologies, models and vendors in the authorization landscape. Navigating this ecosystem requires understanding different models and approaches.
  • Modern best practices include: purpose-built authorization services, fine-grained access control, separation of authorization logic from application code, real-time access checks, and centralized decision logging.
  • The speaker is from Aserto which is a modern authorization solution that aims to provide fine-grained, policy-based, real-time access control. It integrates easily with existing identity providers and development workflows. Aserto leverages the Topaz open-source project.