Attribute-based authorization: How we stopped distributing roles and started on policies

This talk's about EasyABAC Java framework for quick and easy implementation of an attribute-based access model in Java projects.

In the introductory part, Anton will make an overview of different approaches to differentiation of access rights (RBAC and ABAC). Then he will pass on to the base architecture of ABAC solutions, existing products and the problems that developers face when using an attribute-based access model.

In the main part of the talk, Anton will present an original framework for implementation of an attribute-based access model, which saves time required for developing and adjusting access policies. EasyABAC helps developers in testing and debugging of the access model as well as provides improvements relating to productivity and authorization API.

The talk will be of interest to the developers of large-scale applications and services where complicated systems of differentiation of access rights are essential.