DevOps & Cloud Security
Facebook Twitter LinkedIn

City of The Hague: Adding Access Control to Microservice Architectures for ZTA

Combined Session
Wednesday, May 10, 2023 16:00—16:15

The Common Ground movement of the Dutch municipalities is developing innovative solutions for greater interoperability. An important part of this is the data landscape, where functionality is accessed through microservice API’s. In the analysis of this architecture, one aspect is barely touched upon: The Access Control aspect in API’s is not appropriately co-developed.
The Municipality of The Hague has performed a Proof Of Architecture (the POA) to demonstrate that it is possible to unlock an existing API in which access is not explicitly modeled, or that still uses traditional Role Based Access Control methods internally, restricting interoperability across contexts.
The POA is done in an effective and efficient way through innovative 'zero trust architecture' concepts, such as Policy Based Access Control. Security and privacy are thus demonstrably realized in accordance with legal requirements. The POA proves that it is technically feasible to add input-filtering of access requests to ignore the restricting RBAC method and thereby open doors for municipalities for interoperability in an autonomous and secure way.
During the presentation the working principles of API access from a perspective of Identity & Access Management are explained, but also how these principles can be applied in practice in an existing application landscape.
The presentation will be a joint presentation between the lead architect of the City of The Hague, Jan Verbeek, and access strategist André Koot

André Koot
André Koot
André Koot is a Principal Consultant and Access Strategist at SonicBee. He has more than 25 years of experience in the field of information security, and as an economist he practices this...
Jan Verbeek
Jan Verbeek
Gemeente Den Haag
Jan is a Senior Business / IT architect with extensive experience in the IT Sector, both nationally and internationally. He gained his experience in government orginazations and business. Jan is...


Hybrid Ticket
Experience the full conference
till March 31st
Whole conference (May 09-12, 2023)
Choose if you want to attend on-site or participate online
Access to live sessions, expo-area & networking events on-site
Access to online event platform to view live- & online streams
Access to the virtual expo area
(Video-) Chat and interact with all attendees on-site and online
Virtual Ticket
Full virtual experience
till March 31st
Whole conference (May 09-12, 2023) online
Access to online event platform to view live streams
Access to the virtual expo area
(Video-) Chat and interact with all attendees on-site and online
Have you participated in our events?
Contact us to get a special discount
Other ways to attend
Young Talents -
student program
Register and apply
Journalists &
Confirm press accreditation
Subscribe for updates
Please provide your email address