ArchitectureConference50min
How Google built a Consistent, Global Authorization System with Zanzibar (and you can too!)
This talk explains Google Zanzibar, the global-scale authorization system behind Google services. It introduces Relationship-Based Access Control (ReBAC), details Zanzibar’s design for correctness, scale, and speed, explores its APIs and the “New Enemy” problem, and demonstrates how to implement similar authorization using open-source tools.
talk.summaryAiDisclaimer
Sohan MaheshwarAuthZed
talkDetail.whenAndWhere
Wednesday, June 17, 12:25-13:15
Room 2
talks.roomOccupancytalks.noOccupancyInfo
Google Zanzibar is the singular authorization service that powers permissions and sharing across all Google properties, including Docs, YouTube, and Cloud IAM. Creating a consistent, global-scale authorization system that can process "more than 10 million client queries per second” is not a trivial task. The talk will cover how the paper lays out an engineer-friendly blueprint for building a highly scalable distributed system with flexible consistency guarantees.
This talk will start with foundational knowledge of Relationship Based Access Control (ReBAC) and then cover the technical implementations behind Zanzibar - How Google solved for correctness, scale and speed. The presentation will cover the different APIs for interacting with the system and also a deep-dive into how the “New Enemy” problem was solved. The talk will conclude with how you can use open source tools to build authZ into your application.
This talk will start with foundational knowledge of Relationship Based Access Control (ReBAC) and then cover the technical implementations behind Zanzibar - How Google solved for correctness, scale and speed. The presentation will cover the different APIs for interacting with the system and also a deep-dive into how the “New Enemy” problem was solved. The talk will conclude with how you can use open source tools to build authZ into your application.
Sohan Maheshwar
Sohan is a Lead Developer Advocate at AuthZed, based in the Netherlands. He started his career as a developer building mobile apps and has been living in the cloud since 2013, in companies such as Amazon, Fermyon and Gupshup. He is also an O' Reilly author, having created a course on Cloud Concepts for Everyone.
He has always been interested in emerging technologies and how it shapes the world around us.
He has always been interested in emerging technologies and how it shapes the world around us.