Wir haben unsere Datenschutzbestimmungen aktualisiert. Klicke hier, um dir die _Einzelheiten anzusehen. Tippe hier, um dir die Einzelheiten anzusehen.
Aktiviere deine kostenlose 30-tägige Testversion, um unbegrenzt zu lesen.
Erstelle deine kostenlose 30-tägige Testversion, um weiterzulesen.
Herunterladen, um offline zu lesen
Sitaraman Lakshminarayanan
Sr Security Architect at Pure Storage
Authorization has two components – Policy Definition and Policy Enforcement. Traditionally both used to be centralized and we spent all the time Integrating products- Built or Bought with Centralized Access Management. This typically led to increased cycle time to change any access policy or change software/deployment to fit into one particular authorization model. When that doesn’t fit, we would end up with multiple authorization enforcements written in different languages with or without any adherence to any standards such as XACML or others.
Imagine building few different or hundreds of products or services or micro services and you have to centrally manage all possible access policies. It’s definitely not a scalable solution in fast moving CI/CD world.
Now imagine a way where every developers or products can externalize its authorization and we can modify authorization enforcement in a consistent manner? Imagine where developers can write their own implementation of how authorization should be enforced for their environment? Remember there is no one size fits all authorization policy. A policy that works for your environment does not work for my environment – for any number of reasons from Risk management to type of business applications.
Open Policy Agent provides a consistent way to write authorization logic and expose it as REST API. Applications can easily integrate with OPA and can also write their own authroziation logics. Whether you are shipping products to customers or integrating a Product or Service into your environment, how awesome it would be to enforce your own authorization rules instead of changing your business process of who can gain access to what features.
In this talk we will explore the benefits of Decentralized Authorization and how to use Open Policy Agent to achieve decentralized authorization. A closer look at few applications /integrations whether it is REST API /Micro Services, or Kubernetes to control various authorization policies as to who can deploy/what can you deploy. We will also look at how to build Integration tests to check our authorization policies.
Sitaraman Lakshminarayanan
Sr Security Architect at Pure Storage
Authorization has two components – Policy Definition and Policy Enforcement. Traditionally both used to be centralized and we spent all the time Integrating products- Built or Bought with Centralized Access Management. This typically led to increased cycle time to change any access policy or change software/deployment to fit into one particular authorization model. When that doesn’t fit, we would end up with multiple authorization enforcements written in different languages with or without any adherence to any standards such as XACML or others.
Imagine building few different or hundreds of products or services or micro services and you have to centrally manage all possible access policies. It’s definitely not a scalable solution in fast moving CI/CD world.
Now imagine a way where every developers or products can externalize its authorization and we can modify authorization enforcement in a consistent manner? Imagine where developers can write their own implementation of how authorization should be enforced for their environment? Remember there is no one size fits all authorization policy. A policy that works for your environment does not work for my environment – for any number of reasons from Risk management to type of business applications.
Open Policy Agent provides a consistent way to write authorization logic and expose it as REST API. Applications can easily integrate with OPA and can also write their own authroziation logics. Whether you are shipping products to customers or integrating a Product or Service into your environment, how awesome it would be to enforce your own authorization rules instead of changing your business process of who can gain access to what features.
In this talk we will explore the benefits of Decentralized Authorization and how to use Open Policy Agent to achieve decentralized authorization. A closer look at few applications /integrations whether it is REST API /Micro Services, or Kubernetes to control various authorization policies as to who can deploy/what can you deploy. We will also look at how to build Integration tests to check our authorization policies.
Sie haben diese Folie bereits ins Clipboard „“ geclippt.
Sie haben Ihre erste Folie geclippt!
Durch Clippen können Sie wichtige Folien sammeln, die Sie später noch einmal ansehen möchten. Passen Sie den Namen des Clipboards an, um Ihre Clips zu speichern.Die SlideShare-Familie hat sich gerade vergrößert. Genießen Sie nun Zugriff auf Millionen eBooks, Bücher, Hörbücher, Zeitschriften und mehr von Scribd.
Jederzeit kündbar.Unbegrenztes Lesevergnügen
Lerne schneller und intelligenter von Spitzenfachleuten
Unbegrenzte Downloads
Lade es dir zum Lernen offline und unterwegs herunter
Außerdem erhältst du auch kostenlosen Zugang zu Scribd!
Sofortiger Zugriff auf Millionen von E-Books, Hörbüchern, Zeitschriften, Podcasts und mehr.
Lese und höre offline mit jedem Gerät.
Kostenloser Zugang zu Premium-Diensten wie TuneIn, Mubi und mehr.
Wir haben unsere Datenschutzbestimmungen aktualisiert, um den neuen globalen Regeln zum Thema Datenschutzbestimmungen gerecht zu werden und dir einen Einblick in die begrenzten Möglichkeiten zu geben, wie wir deine Daten nutzen.
Die Einzelheiten findest du unten. Indem du sie akzeptierst, erklärst du dich mit den aktualisierten Datenschutzbestimmungen einverstanden.
Vielen Dank!