OpenID AuthZEN Interop Read Out - Authorization

DavidBrossard 500 views 13 slides Jun 07, 2024

About This Presentation

During Identiverse 2024 and EIC 2024, members of the OpenID AuthZEN WG got together and demoed their authorization endpoints conforming to the AuthZEN API.


Slide Content

OpenID AuthZEN Interop Read Out Identiverse 2024

David Brossard, CTO – Axiomatics
Allen Foster, Independent
Omri Gazitt, CEO – Aserto
Gerry Gebel, VP Product & Standards – Strata

History (timeline slide). Years: 2001, 2013, 2014, 2016, 2020. Labels: ABAC, ALFA, NGAC, Zanzibar.

Identiverse 2023 – The Inception

The AuthZEN Charter
https://openid.net/wg/authzen/
Components: PEP, PAP, PDP, PIP
Initial focus: PEP-PDP API
Follow-on: Policy Discovery & Management
Follow-on: Event delivery

First Implementer’s Draft – May 2024

Request:
{
  "subject": { "identity": "CiRm…2Fs" },
  "action": { "name": "can_read_user" },
  "resource": { "type": "user", "userID": "[email protected]" }
}

Response:
{ "decision": true }

https://openid.github.io/authzen/

First Interop Use Case
https://authzen-interop.net/docs/scenarios/todo
Roles: Viewer, Editor, Admin, Evil Genius
Todo actions: Edit, Delete, View, Complete

Interop Architecture
Frontend: React frontend that manages Todo lists
Backend: Node.JS backend that serves 5 routes that the frontend talks to
Storage: SQLite
Authorization Service: reached through the AuthZEN Standard
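
As an added example (not from the presentation or the interop code), this shows how a Node.js backend acting as the PEP could build the request shape from the Implementer's Draft slide and treat anything other than a literal "decision": true as a deny. The function names, the injected `evaluate` transport and the stub PDP are assumptions made for illustration.

```javascript
// PEP-side helper for the request/response shape shown on the slide.
// Added example: function names and the stub PDP are hypothetical.

// Build the { subject, action, resource } request body.
function buildRequest(identity, actionName, resource) {
  if (typeof identity !== "string" || identity === "") {
    throw new TypeError("subject identity must be a non-empty string");
  }
  if (typeof actionName !== "string" || actionName === "") {
    throw new TypeError("action name must be a non-empty string");
  }
  if (!resource || typeof resource.type !== "string" || resource.type === "") {
    throw new TypeError("resource.type must be a non-empty string");
  }
  return { subject: { identity }, action: { name: actionName }, resource: { ...resource } };
}

// Permit only on a literal boolean true; "true", 1, a missing field or a
// non-object response all count as deny.
function decisionFrom(response) {
  return typeof response === "object" && response !== null && response.decision === true;
}

// `evaluate` is an injected transport (assumed: async function taking the
// request and returning the parsed PDP response). Errors and timeouts deny.
async function isAllowed(evaluate, request) {
  try {
    return decisionFrom(await evaluate(request));
  } catch (_err) {
    return false;
  }
}

// Constructed stub PDP so the example runs offline: permits one made-up
// identity to perform can_read_user on resources of type "user".
async function stubPdp(request) {
  const ok = request.subject.identity === "constructed-subject-id" &&
    request.action.name === "can_read_user" &&
    request.resource.type === "user";
  return { decision: ok };
}

// Constructed usage: one permitted call and one call where the PDP fails.
const sample = buildRequest("constructed-subject-id", "can_read_user",
  { type: "user", userID: "constructed-user-id" });
isAllowed(stubPdp, sample).then((allowed) => console.log("stub PDP:", allowed));
isAllowed(async () => { throw new Error("PDP down"); }, sample)
  .then((allowed) => console.log("PDP unreachable:", allowed));
```

In a real route handler the same `isAllowed` result would gate the response, so a PDP outage or a malformed reply yields a denial rather than silent access.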

Interop Participants

The Venn of Interop Participants (diagram). Labels: Policy-based, Graph-based, ALFA, OPA (Rego), Other. Caption: Eve Maler a few years ago.

What next?
- Evaluations API: boxcarring multiple requests together
- Resource Search API: find all the resources that a subject can access
- Subject Search API: find all the subjects that can access a resource
- Create additional interop scenarios
- Add more implementations (especially ReBAC systems)
- Work with relying parties to externalize authorization
- Pursue policy discovery/management and event delivery into PDP/PIP

Where to find us
https://openid.net/wg/authzen/
📧 Mailing List
Meeting notes & Design Documents 📄 HackMD: https://hackmd.io/@oidf-wg-authzen
Github 👩‍💻 https://github.com/openid/authzen
Slack 💬 #wg-authzen