Cloud-native authorization at KubeCon
Head of Marketing
Oct 19th, 2022
We’re thrilled to announce that Aserto is sponsoring KubeCon and CloudNativeCon North America! Meet the team to discuss your authorization challenges in Detroit on October 26-28th. Secure some time with an Aserto engineer here.
Over the last couple of years, two ecosystems have emerged in the could-native authorization space. One that expresses authorization logic as a set of rules written in a declarative language (Rego) and one that ingrains the policy into a data structure.
The first is known as “policy-as-code” and is commonly used to build role-based and attribute-based access control systems. The Open Policy Agent (OPA) is the best-known representative of this ecosystem. It provides a general-purpose open-source decision engine that has gained popularity for infrastructure authorization use cases among the Kubernetes community.
The second ecosystem, popularized by Google’s Zanzibar paper, is the “policy-as-data” paradigm, where subjects, objects, and relations are used to build relationship-based access control models (ReBAC), like that of Google Docs.
Aserto’s cloud-native access control system lets you combine both ecosystems to enjoy the best attributes of each. It enables application developers to scale their authorization model from simple roles in the form of RBAC to ABAC, ReBAC, or a combination as their needs evolve. It also provides security teams with a central control plane to manage policies and consume comprehensive decision logs from every local authorizer in their system for compliance, auditability, and forensics.
Meet Aserto at KubeCon
If you are attending KubeCon in person, stop by booth SU43 to meet the team and discuss your authorization challenges, or schedule a time to speak with an Aserto engineer at KubeCon here.
If you are attending virtually, visit our virtual booth to learn more about cloud-native access control and the open-source tools that can help you build your authorization system.