Authorization: Ensuring Only Ada Can Access Her Files

Session Information

When an application is small, few or even no permissions are needed. However, as they grow larger, it is common to have increasingly complex permissions models. While things are still small, it’s easy to meet these needs through something built in-house, but as they become more complex, a better model is often needed.

The world of authorization solves precisely this problem. There are several common models, including ACLs, RBAC, and ABAC, which work well for different use-cases. In addition, there are several higher level architectures for implementing one of these as well as a number of different products available.

In this talk, I will discuss a high level overview of the authorization landscape. I will then delve into more depth about how we approached this problem at both Box and Split and some of the things we considered. I will include the pros and cons for the various options with regards to our use-cases and what we ultimately chose to do.

Presenters
  • Joy Ebertz
    Sr. Staff Engineer, Split
  • Transcript coming soon.

Get started today

Pulumi is open source and free to get started. Deploy your first stack today.