Authorization

Combined Session
Wednesday, June 05, 2024 17:30—18:30
Location: A 03-04

How AI Can Help IAM Deliver Better and Stronger Authorization
17:30—17:50
 

Whether you are excited about the possibilities of AI in your workplace or concerned about the overall privacy risks of implementing a technology with a mind of its own, you can’t deny that AI is here to stay. It is bound to impact several facets of the world of access control and authorization. Take policies, for instance: as humans, we seldom excel at implementing every single requirement into policy. Just stating that employees are not able to access certain data in a time frame, without including the time zone, the relationship to the employer, the country the access is coming from, etc., can lead to incorrect access. Integrating AI to ask relevant questions regarding a policy, work in sandboxes to share clear meanings, and provide coaching along the way allows for faster fine-tuning of the overall restrictions. David Brossard will dive into the opportunities AI has when it comes to authoring and employing the most accurate and precise policies all along the process of employing trustworthy and efficient access control.

David Brossard
Chief Technology Officer
Axiomatics AB
In his role as CTO, David drives the technology vision and strategy for Axiomatics based on both identity and access management (IAM) market trends as well as customer feedback. He also leads the...
Un-Complicate Authorization Maintenance
17:50—18:10
 

Every application at some point needs to tackle user permissions. It may be early for some systems or much later for others, but one thing is certain: as soon as you have more than one user type, the logic will slowly evolve into spaghetti code. And then each time you need to update it, the change will take longer and longer to complete.

In this talk, we’ll proselytize about why decoupling authorization logic is the absolute best solution to the spaghetti code problem and other common authorization pitfalls. We'll look at real-world(ish) permissions implementations using open-source solutions. We'll try things like adding new role-based access controls to an application and evolving it to fine-grained attribute-based access controls. Along the way, we will run into typical blockers and try out ways to solve them. We'll also look at best practices for authorization (role management, policy evolution, the filtering problem, etc.) and when to just use the most obvious solution.

Alex Olivier
Cofounder & CPO
Cerbos
Alex Olivier is the CPO and Co-founder at Cerbos. He has designed enterprise solutions from the ground up as an engineer, consultant, tech lead and product manager, always with an eye on the...
Panel: OpenID AuthZEN: Standards for Modern Authorization
18:10—18:30
 

Sign-on standards, such as SAML and OpenID Connect (OIDC), have paved the way for an interoperable identity fabric that has propelled the industry forward. It’s time for authorization to have its “OIDC moment.”


Over the past few years, we’ve seen the rise of a new architectural pattern - externalizing authorization logic out of applications, and treating it as a separate concern. Google, Netflix, Airbnb, Carta, Intuit, and others have shared their experiences around how they’ve built their internal authorization systems, helping seed a growing movement around modern authorization.

Most organizations, however, don’t have the luxury of building these systems from scratch. Fortunately, a new generation of authorization vendors have created innovative solutions that promise to democratize modern authorization. With that said, each of these solutions defines its own APIs. In much the same way identity standards such as OIDC brought about “single sign-on for the web”, authorization standards promise to reduce barriers to adoption, increase reusability, and mitigate risk for organizations that want to take advantage of this innovation.

To get this off the ground, a group of authorization practitioners and vendors, including those represented on this panel, submitted a charter proposal to the OpenID Foundation for the establishment of the AuthZEN working group. The charter was accepted shortly after IIW 37 in October 2023. Since then, the group has been developing use cases, cataloging authorization patterns, and drafting proposals such as an interop spec for a PEP-PDP protocol. These efforts will unify a set of disparate ecosystems into a larger authorization community, which will create a rising tide for the industry at large.

Join us to discuss the current state of modern authorization. We’ll also describe the progress we’ve made defining authorization patterns, documenting use-cases and how best to accomplish them, and reviewing the interoperability standards we have drafted.

Alexandre Babeanu
CTO
3Edges
Alex has been involved in Graphs and Graph databases for Identity and Access Management for almost 10 years. As a graph-certified and IAM-accredited consultant, he has implemented solutions for...
David Brossard
Chief Technology Officer
Axiomatics AB
In his role as CTO, David drives the technology vision and strategy for Axiomatics based on both identity and access management (IAM) market trends as well as customer feedback. He also leads the...
Gert Drapers
Co-founder & CTO
Aserto
Gert Drapers is the co-founder and CTO of Aserto.com, leading technology implementation and strategy. A widely recognized expert in the data and developer space, Gert has built and operated various...
Eve Maler
Digital identity futurist and strategist
Venn Factory
Eve is a globally recognized pioneer in identity and access management and standards, with roots in semi-structured data modeling and the API economy and a passion for fostering successful...
Atul Tulshibagwale
CTO
SGNL
Atul is a federated identity pioneer and the inventor of the Continuous Access Evaluation Protocol (CAEP), forming the basis of the Shared Signals and Events working group in the OpenID Foundation,...