January 2, 2020

187 words 1 min read

Athenz with Istio: Single Access Control Model in Cloud Infrastructures

Athenz with Istio: Single Access Control Model in Cloud Infrastructures

Most Cloud computing environments are based on self-service thus authorization configurations are frequent and dynamic. Furthermore, in Microservices architecture, each service communicates via Web AP …
Talk Title Athenz with Istio: Single Access Control Model in Cloud Infrastructures
Speakers Tatsuya Yano (Platform Developer, Yahoo Japan Corporation)
Conference KubeCon + CloudNativeCon North America
Conf Tag
Location Seattle, WA, USA
Date Dec 9-14, 2018
URL Talk Page
Slides Talk Slides
Video

Most Cloud computing environments are based on self-service thus authorization configurations are frequent and dynamic. Furthermore, in Microservices architecture, each service communicates via Web APIs thus it is important to have precise and frequently configurable access controls with low cost. Athenz is an open source platform for X.509 certificate based service authentication and fine-grained access control in dynamic infrastructures that provides options to run multi environments with a single access control model. We also plan to provide integration with SPIFFE and Istio. In this session, the speaker is going to explain the benefits of using Athenz and demonstrate how to use Athenz in a Cloud computing environment by showing use case of the integration with Istio. Website http://www.athenz.io

api microservice infrastructure open source use case cloud istio
comments powered by Disqus
Keynote: The Emerging Multicloud World

Keynote: The Emerging Multicloud World

December 30, 2019

Still running in a single cloud? We didnt think so. On-prem. Public. Hybrid. Its rapidly becoming a multicloud world and open source technologies are at the forefront of this transformation. Well …
Implementing Least Privilege Security and Networking with BPF on Kubernetes

Implementing Least Privilege Security and Networking with BPF on Kubernetes

December 24, 2019

BPF is becoming the fastest growing technology in the Linux kernel and is revolutionizing networking, security, and tracing. At the same time, the rise of Kubernetes is creating demand for routing, lo …
The distributed authorization system: A Netflix case study

The distributed authorization system: A Netflix case study

December 19, 2019

Manish Mehta and Torin Sandall lead a deep dive into how Netflix enforces authorization policies (who can do what) at scale in its microservices ecosystem in a public cloud without introducing unreasonable latency in the request path.
Keynote: Shaping the Cloud Native Future

Keynote: Shaping the Cloud Native Future

November 30, 2019

Cloud Foundry is an integral part of the movement creating interoperability among the open source, cloud-native ecosystem. Complementary, interlocking open source technologies like Cloud Foundry, Kube …
Apache Kafka + Apache Mesos = Highly scalable streaming microservices

Apache Kafka + Apache Mesos = Highly scalable streaming microservices

November 18, 2019

Kai Whner shares a highly scalable, mission-critical infrastructure using Apache Kafka and Apache Mesos: Kafka brokers are used as the distributed messaging backbone; Kafkas Streams API embeds stream processing into any external application without the need for a dedicated streaming cluster; and Mesos is used as a scalable infrastructure to leverage the benefits of a cloud-native platform.
Rebuilding the New York Times crossword with Google Cloud (sponsored by Google Cloud)

Rebuilding the New York Times crossword with Google Cloud (sponsored by Google Cloud)

November 14, 2019

Over the course of 2017, the API traffic of the New York Times crossword tripled. At the same time, a very small team of engineers managed to migrate its platform from a PHP monolith on Amazon Web Services to a suite of Go microservices on Google Cloud Platform. JP Robinson explains how his team was able to make the migration with zero downtime while cutting infrastructure costs in half.