Attribute-based authorization: How we stopped distributing roles and started on policies

Day 2 /  / Track 4  /  RU

This talk's about EasyABAC Java framework for quick and easy implementation of an attribute-based access model in Java projects.

In the introductory part, Anton will make an overview of different approaches to differentiation of access rights (RBAC and ABAC). Then he will pass on to the base architecture of ABAC solutions, existing products and the problems that developers face when using an attribute-based access model.

In the main part of the talk, Anton will present an original framework for implementation of an attribute-based access model, which saves time required for developing and adjusting access policies. EasyABAC helps developers in testing and debugging of the access model as well as provides improvements relating to productivity and authorization API.

The talk will be of interest to the developers of large-scale applications and services where complicated systems of differentiation of access rights are essential.

Download presentation
Anton Lapitskiy
Anton Lapitskiy

Software architect in CUSTIS. Has more then 8 years of experience in commercial development on Java in the banking and educational spheres, as well as for the government sector. The main activity is the design of distributed systems and issues of fine-grained authorization. He likes to experiment with reactive approaches in Java, with Netflix stack, Event Sourcing and CQRS.