The video on-demand of this session is available to logged in QCon attendees only. Please login to your QCon account to watch the session.

Session + Live Q&A

Authorization at Netflix Scale

How do you centralize authorization in the critical path of a multi-million RPS online service?  How does centralizing authorization enable product flexibility?   How do you make such a system fault-tolerant?  

We will answer these questions and more in this session. At Netflix, having many microservices each implementing their own authorization rules was starting to make our streaming product inflexible. Requirements involving changes to authorization required too much development.   We have introduced an authorization system (PACS) for user-facing applications that is resilient,  flexible and performant.  We’ll discuss our approach to  scaling and share techniques for distributed caching and isolating failure domains.  You’ll leave this talk with an idea of how to approach centralizing authorization at such a scale without compromising on availability.  


Speaker

Travis Nelson

Senior Software Engineer @Netflix

Travis Nelson is an engineer in the AIM (Access and Identity Management) team at Netflix.  He’s been there four years, having done a tour of Silicon Valley companies. He enjoys bicycling and craft beer, but not at the same time.  

Read more
Find Travis Nelson at:

Date

Tuesday Nov 2 / 12:10PM EDT (40 minutes)

Track

Security: Establishing & Maintaining Customer Trust

Topics

SecurityAuthenticationApplication Security

Add to Calendar

Add to calendar

Share

From the same track

Session + Live Q&A Security

"Trust me, I'm an insider" - Diving into Zero Trust Security

Tuesday Nov 2 / 02:10PM EDT

In 2020, hackers got around by making about 4.2 Billion Dollars majorly from Phishing scams.The current scenario of Network Security highly depends on the assumption that if a client has a set of “good” credentials, they can be trusted with access to all or at least some confidential...

Sindhuja Rao

Network Security Engineer @Cisco

Deepank Dixit

Technical Consulting Engineer @Cisco

Session + Live Q&A Security

Building Trust & Confidence with Security Chaos Engineering

Tuesday Nov 2 / 01:10PM EDT

Complex adaptive systems are dynamic, self-evolving, non-linear, emergent, and most of all unpredictable. Delivering secure and reliable software will continue to become exponentially more difficult unless we start approaching this new problem frontier differently.    Security Chaos...

Aaron Rinehart

CTO @Verica.io

PANEL DISCUSSION + Live Q&A Security

Perspectives on Trust in Security & Privacy

Tuesday Nov 2 / 03:10PM EDT

Continuing the track trend around trust, the security panel discusses we can balance the adjustment of our security posture and our user experience. What is the right balance between security and usability? How do we build systems that scale, that gives the right amount of security and control to...

Clint Gibler

Head of Security Research @r2cdev

Stephanie Olsen

Customer Trust, Abuse & Fraud @Netflix

Cassie Clark

Security Awareness Lead Engineer @brexHQ

Ellen Nadeau

Privacy Analysis Engineer @Cruise

View full Schedule