As a global OEM of highly critical and complex industrial devices, managing access to hundreds of millions of IIoT device resources spread across customer sites all around the globe is already a challenging task.
Use cases for providing a digital service platform need to address end customers accessing devices owned by themselves as well as priviledged access for in house and third party analytics applications and serice personnel. A combination of requirements for excelent user experience, authorization management and high performance for cross-tenant queries for endless scenarios can become a nightmare.
The task was to analyze the access requirements, abstract them and then deploy a “Zanzibar” inspired approach to manage access authorizations with a swift and reliable backend architecture, able to handle millions of information assets to be protected against unauthorized access.
Creating a mere access model does not do the full trick - it has to be cleverly designed into data storage structures and queries to achive the required performance goals!
The talk quickly introduces the problem set and then dives deeper into how to implement data storage optimization magic to get quick response times and swift adjustments of authorizations.