This episode explores the concept of Topaz, an authorization engine that unites policy as code, relationship-based authorization models like Zanzibar, and real-time decision-making. We discuss how Topaz is designed to handle fine-grained authorization, crucial in today's zero-trust environments, by making local decisions over local data. Omri discusses the architecture of Topaz, including its use of Open Policy Agent (OPA) and a triple store model for data.

You will gain insight into the challenges of authorization, the importance of keeping data and policies synchronized, and how Topaz addresses these issues. The conversation also touches on the practical aspects of implementing Topaz, such as data source integration, deployment models, and the flexibility it offers for different organizational needs.

This episode is essential for anyone interested in the latest trends and tools in software authorization, providing a comprehensive look at how Topaz is paving the way for more secure and efficient application development.

Dive into the world of advanced authorization with Gabriel Manor, Head of DevRel and Growth at Permit.io. In this episode of Authorization in Software, Damian Schenkelman engages Gabriel in a discussion on the Open Policy Authorization Layer, better known as OPAL.

Damian and Gabriel delve deep into how OPAL enables a structured and effective approach to authorization. They cover the shift from traditional Role-Based Access Control (RBAC) to the more dynamic Attribute-Based Access Control (ABAC), highlighting the need for granular control in modern application environments.

This episode is insightful for those interested in understanding the complexities of policy-based authorization systems. It discusses the challenges and benefits of decoupling authorization policies from application code, emphasizing the importance of streamlined policy management for secure and efficient software development.

In this episode of Authorization in Software, Damian Schenkelman sits down with John Huffaker, Distinguished Engineer at Box. They discuss how Box, a major file-sharing and collaboration platform, approaches authorization.

The conversation touches upon:

• The importance of security for a platform like Box which handles sensitive data for countless users and businesses.
• A look into the different layers of security, including application  and infrastructure security.
• The challenges and solutions to ensure that Box remains impenetrable
• A detailed overview of the multiple layers involved in making different kinds of authorization decisions, from viewing files and folders to understanding user permissions and API accesses.
• And more...

Tune in to get an inside look at the ways Box keeps their customers' data remains safe and the authorization mechanisms they employ to achieve this.