Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture - Using ABAC for APIs and Microservices

In order to watch this video, you have to log in or create an account, if you don't have one yet.
By continuing, you agree that the speakers of this event will have access to the video statistics.


As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and scaled independently on different platforms, which greatly reduces the time needed to bring as new product to market and allows for continuous delivery development process, where small changes to the business logic of an individual service can be quickly introduced and deployed.

However, when designing a (micro)-service architecture, dealing with identity and security becomes a much more complicated task than in traditional monolithic applications: each individual component must know which user is interacting with it and which access rights are granted to him. Externalizing and centralizing access management is a natural choice for microservices systems to ensure consistently secure and scalable authorization. Implementing the authorization service itself as a microservice, providing policy-driven access control for other microservices and APIs seems to be just as natural… Or is it?

Language: English • Duration: 53:28 • Resolution: 1280x720


Latest Related Videos


KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Stay Connected

KuppingerCole on social media

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00