Explore the groundbreaking developments in cloud-native authorization through this 37-minute conference talk delivered at CNCF by Omri Gazitt from Aserto. Dive into the emergence of AuthZEN, a new OpenID Foundation working group established in late 2023, aimed at creating unified authorization standards similar to OpenID Connect's role in federated login. Learn about the current fragmented state of authorization, where vendors maintain their own APIs and protocols, and understand how this landscape is evolving. Examine both policy-as-code and policy-as-data approaches, including deep dives into open source projects like OPA, Topaz, and Zanzibar-style implementations. Discover the progress made in developing a universal authorization API that bridges different policy approaches, review the latest API specifications, and see demonstrations of interoperable implementations. Gain valuable insights into how engineering teams can confidently externalize their authorization systems while avoiding vendor lock-in through proprietary APIs.
AuthZEN: The OpenID Connect for Authorization - A New Standard for Cloud-Native Authorization
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
AuthZEN: The “OpenID Connect” for Authorization - Omri Gazitt, Aserto
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Fine-Grained Authorization with Topaz - Open Source Solutions
-
Exploring Best Practices for Implementing Authentication and Authorization in a Cloud-Native Environment
-
Design Patterns for OPA and Cloud Native Authorization
-
Introduction to Open Policy Agent (OPA) for Security and Authorization
-
Fixing Broken Access Control - Cloud-Native Authorization Principles and Patterns
-
Authorization in Microservices World - Kubernetes, ISTIO and Open Policy Agent
