In this talk, explore how Domain Driven Design (DDD) and Relationship-Based Access Control (ReBAC) can revolutionize your access management by focusing on business relationships and stakeholder collaboration, rather than relying on specific tools.

I will share our experience at AGICAP transitioning from a Role-Based Access Control (RBAC) authorization model to a ReBAC model, in line with the latest OWASP recommendations. Learn how we applied DDD principles to better understand and model business requirements for authorization, fostering a more effective and adaptable access management system.

This talk will emphasize key DDD and ReBAC concepts, as well as the challenges and lessons learned during their implementation. You will leave with a deeper understanding of the importance of placing the business domain at the heart of your authorization systems, empowering you to create a more robust and flexible access management strategy.