SpiceDB: Authorization that Scales

As more folks deploy cloud-native architectures and technologies, store ever larger amounts of data, and build ever more complex software suites, the complexity required to correctly and securely authorize requests only becomes exponentially more difficult.

Broken authorization now tops OWASP's Top 10 Security Risks. Their recommendation? Adopt ABAC or ReBAC authorization models. This talk establishes the problems with the status quo, explains the concepts behind ReBAC, and introduces SpiceDB, a widely adopted open source ReBAC system inspired by the system internally powering Google: Zanzibar.