|
|
|
|
|
|
by jschorr
1208 days ago
|
|
|
Zanzibar is an authorization system Google built and describes in a paper [1], which uses relationships to make authorization decisions (aka ReBAC): if there exists a path of such relationships between a resource's permission and, say, a user, then the user is considered to have that permission on the resource. This structural approach to permission checking allows for high levels of scaling and low latency on checks. Disclaimer: I am the cofounder of AuthZed, where we are building an open source version of Zanzibar known as SpiceDB [2] [1] https://zanzibar.tech
[2] https://github.com/authzed/spicedb |
|
|