Session + Live Q&A
Authorization at Netflix Scale
How do you centralize authorization in the critical path of a multi-million RPS online service? How does centralizing authorization enable product flexibility? How do you make such a system fault-tolerant?
We will answer these questions and more in this session. At Netflix, having many microservices each implementing their own authorization rules was starting to make our streaming product inflexible. Requirements involving changes to authorization required too much development. We have introduced an authorization system (PACS) for user-facing applications that is resilient, flexible and performant. We’ll discuss our approach to scaling and share techniques for distributed caching and isolating failure domains. You’ll leave this talk with an idea of how to approach centralizing authorization at such a scale without compromising on availability.
Speaker
Travis Nelson
Senior Software Engineer @Netflix
Travis Nelson is an engineer in the AIM (Access and Identity Management) team at Netflix. He’s been there four years, having done a tour of Silicon Valley companies. He enjoys bicycling and craft beer, but not at the same time.
Read moreFind Travis Nelson at:
Date
Tuesday Nov 2 / 12:10PM EDT (40 minutes)
Track
Security: Establishing & Maintaining Customer Trust
Topics
SecurityAuthenticationApplication SecurityAdd to Calendar
Add to calendarShare
From the same track
"Trust me, I'm an insider" - Diving into Zero Trust Security
Tuesday Nov 2 / 02:10PM EDT
In 2020, hackers got around by making about 4.2 Billion Dollars majorly from Phishing scams.The current scenario of Network Security highly depends on the assumption that if a client has a set of “good” credentials, they can be trusted with access to all or at least some confidential...
Sindhuja Rao
Network Security Engineer @Cisco
Deepank Dixit
Technical Consulting Engineer @Cisco
Building Trust & Confidence with Security Chaos Engineering
Tuesday Nov 2 / 01:10PM EDT
Complex adaptive systems are dynamic, self-evolving, non-linear, emergent, and most of all unpredictable. Delivering secure and reliable software will continue to become exponentially more difficult unless we start approaching this new problem frontier differently. Security Chaos...
Aaron Rinehart
CTO @Verica.io
Perspectives on Trust in Security & Privacy
Tuesday Nov 2 / 03:10PM EDT
Continuing the track trend around trust, the security panel discusses we can balance the adjustment of our security posture and our user experience. What is the right balance between security and usability? How do we build systems that scale, that gives the right amount of security and control to...
Clint Gibler
Head of Security Research @r2cdev
Stephanie Olsen
Customer Trust, Abuse & Fraud @Netflix
Cassie Clark
Security Awareness Lead Engineer @brexHQ
Ellen Nadeau
Privacy Analysis Engineer @Cruise