Sohan Maheshwar
Lead Developer Advocate
About
Sohan is a Lead Developer Advocate at AuthZed, based in the Netherlands. He started his career as a developer building mobile apps and has worked in the developer relations space since 2013, in companies such as Amazon, Fermyon and Gupshup.
He has always been interested in emerging technologies and how it shapes the world around us.
Presentation
Build global-scale Authorization with SpiceDB and Kubernetes
Open Worldwide Application Security Project (OWASP) publishes a "Top 10 Security Risks for Web Apps" list and guess what currently sits at the top of this list: Broken authorization.
This talk is centered around Google Zanzibar - the singular authorization service that powers permissions and sharing across all Google properties, including Docs, YouTube, and Cloud IAM. Creating a consistent, global-scale authorization system that can process "more than 10 million client queries per second” is not a trivial task. The talk will cover how the paper lays out an engineer-friendly blueprint for building a highly scalable distributed system with flexible consistency guarantees.
We'll cover foundational knowledge of Relationship Based Access Control (ReBAC) and then the technical implementations behind Zanzibar. The presentation will cover the different APIs for interacting with the system and also a deep-dive into how the “New Enemy” problem was solved. The talk will conclude with how you can use open source tools to build authZ into your application and include a quick demo of SpiceDB - a mature open source implementation of Zanzibar.