Thursday 

Room 5 

16:20 - 17:20 

(UTC+01

Talk (60 min)

Fine Grained Authorisation with Relationship-Based Access Control

Who can tag me in a post? If I move this file to another folder, who now has access? If my owner breaks up with his friend, will I still get a bone?

Architecture
Cloud
Security
Serverless

Whether you're a human, or a dog, let's face it, authorisation is hard. Role-based access control is a great starting point but hard to scale. Attribute-based access control scales better, but neither are much good at answering more complex conditions, like whether friends-of-friends can read your posts, or knowing if your dental hygiene is going to suffer. For such situations, we generally have to wrap this up into business logic.

This is where relationship-based access control (ReBAC) comes in, offering a nuanced approach to accessing resources without codifying that into the applications.

In this session, we'll look at how to define these relationships, experience live demos, and discover how we can deploy our own fine-grained authorisation service. Expect some tail-wagging insights and a few laughs as we explore access control from a canine's point of view.

Ben Dechrai

Ben Dechrai is a technologist with a strong focus on security and privacy, recognised as an MVP for his exceptional contributions to the community. Known for his ability to distil complex technical concepts into engaging, digestible portions, Ben empowers developers through a deep understanding of design principles, security considerations, and coding practices. With over two decades of experience in software engineering, security, and architecture, Ben is a published author and has consulted for companies and investors across numerous industries. He is deeply involved in the tech community, running technology conferences and workshops to share his expertise.