Relationship-Based Access Control (ReBAC) | Best Practices for Implementing Fine-Grained Authorization

​Join us live with Pauline Jamin (Staff Software Engineer @ Agicap) as we explore the fundamentals and advanced concepts of Relationship Based Access Control (ReBAC). Discover why ReBAC is gaining traction, and learn how to implement it efficiently while addressing key performance and design concerns.

​We’ll discuss:

​• An introduction to Relationship Based Access Control (ReBAC)

​• Why ReBAC is growing in popularity

​• Best practices for efficient ReBAC implementation

​• Addressing performance concerns in ReBAC systems

​• Google Zanzibar: with and without it

​• The expressiveness of tuples in ReBAC

​• The Net of Protection approach to authorization

​• ReBAC’s role in Domain Driven Design and aligning with business objectives

​• Engineering plans for rolling out ReBAC implementations

​• Migrating legacy systems from coarse-grained access control to ReBAC

​• Modeling and API design considerations

​• Overview of Zanzibar implementations like OpenFGA, SpiceDB, OPA

​• Schema as code and versioning techniques

​• Decoupling schema from data in ReBAC

​• Exploring strong vs. eventual consistency in ReBAC systems

​• Q&A