Explore the challenges and solutions for implementing access control in message-driven systems through this conference talk from NDC Porto 2023. Delve into the complexities of protecting resources in asynchronous applications, where user requests trigger backend processing at later times and involve multiple message types with different semantics. Learn how to overcome the limitations of traditional access control methods in decoupled, dynamic systems by implementing a token-based approach using Open Policy Agent (OPA). Discover techniques for verifying messages and claims of users and services throughout the asynchronous communication flow, supporting zero trust principles. Examine the unique characteristics of various message types and their implications for access control implementation. Gain insights into performance and scalability considerations, as well as strategies for deploying and implementing permission policies. Equip yourself with the knowledge to secure message-driven architectures in constantly-changing environments and support emerging interaction patterns.
Overview
Syllabus
Access control in message-driven systems - Marc Klefter - NDC Porto 2023
Taught by
NDC Conferences
Related Courses
-
Behavioural Theory of Systems with a View Toward Data Driven Control
-
Fine-Grained Authorization with Relationship-Based Access Control
-
Message Brokering and Event Driven Architecture on Azure
-
My 25 Laws of Test Driven Development
-
Test Driven Development with C# - From Padawan to Jedi
-
AUDACIOUS - User-Driven Access Control with Unmodified Operating Systems
