Adventures in Authentication and Authorization
Offered By: USENIX Enigma Conference via YouTube
Course Description
Overview
Explore the challenges and solutions in implementing authentication and authorization for zero-trust architectures in microservice ecosystems. Dive into Netflix's journey of creating a robust security system, examining the requirements, technology choices, and hurdles encountered. Learn about the surprising decision to use multiple technologies instead of a single solution. Discover insights on forwardable bearer credentials, credential scopes, service-to-service access control, end-user context tickets, and the authorizable context abstraction. Gain valuable takeaways from this 21-minute USENIX Enigma Conference talk by Ian Haken, offering practical knowledge for enhancing security in complex distributed systems.
Syllabus
Intro
The Red Team Exercise
Authentication and Authorization
Fix #1: Forwardable Bearer Credentials
Potential Fix: Credential Scopes
Keeping up with scopes
Service-to-Service (S2S) Access Control
Service-to-Service Pitfalls
End-User Context (EUC) Tickets
The Authorizable Context Abstraction
Three Takeaways
Taught by
USENIX Enigma Conference
Related Courses
Navigating the Sandbox Buffet (USENIX Enigma Conference via YouTube)
Meaningful Hardware Privacy for a Smart and Augmented Future (USENIX Enigma Conference via YouTube)
Working on the Frontlines - Privacy and Security with Vulnerable Populations (USENIX Enigma Conference via YouTube)
Myths and Lies in InfoSec (USENIX Enigma Conference via YouTube)
Crypto for the People - Part 2 (USENIX Enigma Conference via YouTube)