Session
BAC to the Future: A deep-dive into different Authorization models
The Open Worldwide Application Security Project (OWASP) publishes a yearly "Top 10 Security Risks for Web Apps" list. Guess what topped the list this past year?
Broken authorization.
This talk is a deep-dive into common authorization models such as Role Based Access Control (RBAC), Attribute Based Access Control (ABAC) and Relationship Based Access Control (ReBAC). We discuss how each of these AuthZ models works, how it is implemented, and what its advantages and disadvantages are.
At the end of the talk you will have the knowledge to decide which type of AuthZ model is best suited for your application.
Attendees will gain a foundational understanding of the main types of access control systems and the trade-offs of each, which is important for knowing which system is best suited to a given use case. This talk is aimed at an audience unfamiliar with identity and access management.
Sohan Maheshwar
Developer Advocate Lead at AuthZed
Amsterdam, The Netherlands