Jul 18, 2024
In the evolving landscape of cloud-native architectures, Chime, like many enterprises, embraced a service-oriented architecture, leading to a proliferation of services across diverse languages and tech stacks such as Ruby, Golang, Python, and NodeJS. This diversity, while fostered innovation and enabled autonomy to engineers it introduced complex challenges in service-to-service authentication and authorization (authNZ). While some teams took to rudimentary mechanisms to solve for this, it was suboptimal from a developer experience perspective and had gaps in security from an authNZ perspective and was not auditable. Recognizing the need for a robust, scalable solution, we embarked on the journey to develop a cloud-native authNZ platform. This proposal outlines our innovative approach to creating a tech stack agnostic, low-latency (<1ms), and fully auditable authNZ system designed to seamlessly integrate into Chime's multifaceted tech ecosystem. We hope that the attendees to gain comprehensive insights into the challenges and solutions in implementing a cloud-native, tech stack agnostic service-to-service authNZ platform. They will learn about the importance of a developer-first approach, the strategic benefits of endpoint-level authZ, and the practical considerations in building a low-latency, fully auditable security platform.
Inclusive product security conference that attracts builders and defenders from around the world.
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
Presentations on similar topic, category or speaker