Description
In a SOA environment users can interact with multiple parts of your system, and the rules for authorization become dispersed across applications. The task of maintaining rules becomes complex. The challenge compounds further in a heterogeneous environment, with services built in different languages. In this talk, I focus on the topic of authorization, specifically how we can scale and grow our services with confidence. I'll walk through a new framework we've developed to approach this problem.

Alan Cohen is a Software Engineer at Climate Corporation working on the Insurance product back-end and other core pieces of their risk management platform.

Help us caption & translate this video! http://amara.org/v/FG0y/
Summary
In this video titled 'Authorization in a Service-Oriented Environment', Alan Cohen from Climate Corporation addresses the complex challenges of implementing authorization in a Service-Oriented Architecture (SOA). He differentiates between authentication and authorization, emphasizing that while authentication verifies identity, authorization determines access rights. Cohen provides an overview of SOA, describing it as a loosely coupled architecture aimed at fulfilling business needs through the reusability of components and scalability. He discusses various authorization methods such as role-based, attribute-based, and rule-based control, but focuses on the necessity for a more flexible and scalable approach suited for heterogeneous environments where services may be built in different languages.

Key points discussed in the talk include:

- **Importance of SOA**: SOA allows for modular development, resource allocation, and a codebase capable of scaling across teams.
- **Challenges of Service-Oriented Authorization**: Authorization must be reusable and decoupled from application code to ensure scalability and maintainability, especially when services evolve.
- **Current Authorization Libraries**: While tools like CanCan are effective, Cohen argues they embed rules in application code, making future updates and scaling difficult.
- **XACML**: Cohen touches on the Extensible Access Control Markup Language (XACML), which separates access decisions from application code but notes its complexity is excessive for simpler applications.
- **Developing a New Framework**: He discusses the creation of a new language to define authorization policies that are agnostic to specific frameworks and languages, along with a Ruby gem named 'IronHide' that serves as a bridge to allow applications to implement these rules.

Cohen concludes that the proposed framework aims to simplify authorization processes, increase reusability, and maintain scalability across various services. The approach is still a work in progress, but it seeks to provide a foundation for a more reliable and manageable authorization system across diverse environments.