Blog

Company Updates & Technology Articles

Blog post cover

The authorization 3-body problem

Designing an effective authorization system requires understanding the interactions and tradeoffs between the three main components: the PEP, PDP, and PIP.

May 10th, 2024

Blog post cover

Internet Identity Workshop 38: a retrospective

The two big themes at IIW 38 were Verifiable Credentials and Authorization. This retrospective provides my personal highlights of the conference.

Apr 23rd, 2024

Blog post cover

How ReBAC helps solve data filtering

Data filtering based on roles or permissions is an important use-case for application developers. Find out how your authorization system can help!

Apr 12th, 2024

Blog post cover

Modern application authorization: Insights from the trenches

Umbrella Associates co-founder Sebastian Rohr and Aserto CEO Omri Gazitt discuss the challenges of building a fine-grained, policy-based authorization system at Siemens using a few different OSS projects, and how Topaz provides a unified open source solution that addresses all these challenges.

Apr 3rd, 2024

Blog post cover

Product pulse #7 - Authorization Templates and Directory Assertions

The Aserto team has been hard at work improving Topaz and the Aserto SaaS platform. We’re excited to share a few of the new product features, including authorization templates and assertions. Let us know what you think!

Mar 29th, 2024

Blog post cover

Authorize like GitHub: A real-world example of fine-grained authorization

GitHub is a familiar example of a sophisticated, fine-grained authorization model. GitHub's model includes roles, organization-wide permissions, and nested teams. Read on to learn how to model GitHub's permission system with Topaz.

Mar 21st, 2024