Authentication (authn) and authorization (authz) are cornerstones of security in cloud-native applications. And yet, they remain some of the most challenging aspects for many organizations today.
At this year's All Day DevOps (ADDO) event, Yoshiyuki Tabata, Senior OSS Consultant at Hitachi, will tackle these challenges in his keynote titled "Exploring Best Practices for Implementing Authn and Authz in a Cloud-Native Environment."
All Day DevOps: A leading event for DevOps and security
Now in its ninth year, All Day DevOps (ADDO) has grown into the world's largest DevOps event, drawing over 180,000 attendees for 24 hours of continuous sessions on everything from software development to security and emerging technologies.
Tabata's keynote will be a must-see for anyone looking to strengthen the security of their cloud-native applications, especially as the implementation of authentication and authorization remains a top concern.
Understanding the complexity of authn and authz
Auth and authz are recognized as critical security components, as reflected in the OWASP Top 10 list of security vulnerabilities.
However, they present ongoing challenges to developers and implementers alike. Fortunately, the landscape for authentication has improved with the adoption of standards like OpenID Connect and the availability of cloud-native tools like Keycloak from the Cloud Native Computing Foundation (CNCF). These developments have made the process of implementing authentication more standardized and manageable.
But the landscape for authorization is much less clear. There is no universally accepted standard for authz, and developers must choose between a variety of open source tools, including Open Policy Agent (OPA), OpenFGA, and Topaz. These tools offer different strengths and approaches, leaving implementers with the difficult task of determining the best fit for their needs.
Current trends in authn and authz
In his keynote, Tabata will dive into the latest trends in both authentication and authorization, offering practical guidance for those struggling with these complex issues.
One key area of focus will be the ongoing efforts of the OpenID Foundation AuthZEN Working Group, which is working on establishing authorization standards that could simplify the decision-making process in the future.
However, with no finalized standards yet, Tabata will offer insights on how to navigate the current uncertainty.
Best practices in auth and authz
Tabata's keynote will provide an overview of the best practices for implementing security measures, with a focus on how organizations can make informed decisions about the tools and frameworks they adopt.
Listeners will gain valuable insights into the future of authentication and authorization standards, and how to stay ahead of the curve when implementing these systems in their own environments.
Attendees will walk away with:
-
An understanding of current trends in authentication and authorization for cloud-native environments.
-
Insights into the available open source tools for implementing authz, including OPA, OpenFGA, and Topaz.
-
Best practices for choosing and implementing authn/authz solutions, even in the absence of clear authorization standards.
-
A look at the future of authorization standards, with insights from the OpenID Foundation AuthZEN Working Group.
Join us at All Day DevOps
Tabata's session will equip you with the knowledge you need to implement secure, scalable authn/authz solutions that align with industry best practices.
To learn more and register for All Day DevOps, visit the official ADDO website.
