Sohan Maheshwar
Developer Advocate Lead at AuthZed
Amsterdam, The Netherlands
Actions
Sohan is a Lead Developer Advocate at AuthZed, based in the Netherlands. He started his career as a developer building mobile apps and has worked in the developer relations space since 2013, in companies such as Amazon, Fermyon and Gupshup. He has always been interested in emerging technologies and how it shapes the world around us.
His interests outside work include visual arts, trivia, and playing frisbee.
Links
Area of Expertise
Topics
Build global-scale Authorization in your web app with Open Source
This workshop will teach you to build Authorization into your web app using SpiceDB - a widely adopted open source system. SpiceDB is based on Google Zanzibar which is the system that Google uses to power the authorization across their products such as YouTube, Google Docs and Cloud IAM.
In this workshop we will integrate authorization to a demo web app. The workshop will be available in multiple programming languages as well as deployment targets.
How Google built a Consistent, Global Authorization System with Zanzibar (and you can too!)
Google Zanzibar is the singular authorization service that powers permissions and sharing across all Google properties, including Docs, YouTube, and Cloud IAM. Creating a consistent, global-scale authorization system that can process "more than 10 million client queries per second” is not a trivial task. The talk will cover how the paper lays out an engineer-friendly blueprint for building a highly scalable distributed system with flexible consistency guarantees.
This talk will start with foundational knowledge of Relationship Based Access Control (ReBAC) and then cover the technical implementations behind Zanzibar - How Google solved for correctness, scale and speed. The presentation will cover the different APIs for interacting with the system and also a deep-dive into how the “New Enemy” problem was solved. The talk will conclude with how you an use open source tools to build authZ into your application.
Broken Authorization now tops OWASP's Top 10 Security Risks for Web Apps. Their recommendation? Adopt an ABAC or ReBAC authorization model. This talk teaches you how Google built Zanzibar for global-scale and how you can implement this for your customers. The talk is targeted at developers, platform engineers and team leads who work on applications at scale that required different permissions.
Build authorization at scale with SpiceDB on Amazon EKS
Building modern authorization from scratch is non-trivial and requires years of development from domain experts. Till very recently, the only developers with access to these workflows were employed by massive tech companies that could invest in building mature, but proprietary solutions. Not only were these solutions proprietary but they also own the maintenance and continuous development of the solution. That’s where SpiceDB comes in!
SpiceDB is an open-source, Google Zanzibar-inspired database system for real-time, security-critical application permissions. This webinar shows how you can deploy a SpiceDB instance on Amazon Elastic Kubernetes Service (EKS) which is the managed Kubernetes service provided by Amazon and is the best way to run SpiceDB on AWS. The webinar covers a quick introduction to SpiceDB and then goes straight into a demo of the deployment process on EKS.
BAC to the Future: A deep-dive into different Authorization models
Open Worldwide Application Security Project (OWASP) publishes a yearly "Top 10 Security Risks for Web Apps" list. Guess what topped their list this past year?
Broken authorization.
This talk is a deep-dive into common Authorization models such as Role Based Access Control (RBAC), Attribute Based Access Control (ABAC) and Relationship Based Access Control (ReBAC). We discuss how each of these AuthZ models work, how they are implemented, and what the advantages & disadvantages of each are.
At the end of the talk you will have the knowledge to decide which type of authZ model is best suited for your application.
A foundational understanding of the main types of Access Control systems and what the trade-offs of each are. Important to know which system is best suited for your use-case. This talk is aimed at an audience who are unfamiliar with identity and access management.
Swiss Cloud Native Day 2024 Sessionize Event
KCD Munich 2024 Sessionize Event
Open Source Day 2024 Sessionize Event
WeAreDevelopers World Congress 2023 Sessionize Event
Build Stuff 2022 Lithuania Sessionize Event
Devopsdays Amsterdam 2022 Sessionize Event
TEQnation 2022 Sessionize Event
Sohan Maheshwar
Developer Advocate Lead at AuthZed
Amsterdam, The Netherlands
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top