Ian Haken, Netflix
Zero-trust architectures for microservice ecosystems rely on strong authentication between services, but if you’re looking to implement authentication in your environment there’s an overwhelming number of options: OAuth, mutual TLS, JWTs, macaroons, biscuits, HTTP request signatures, and more. And once you’ve picked one, a robust zero-trust ecosystem needs an authorization system on top of it where there are even more options to choose from. In this presentation I’m going to describe our journey through implementing ubiquitous authentication and authorization in our microservice ecosystem: the requirements informing our technology choices, the pain points and hurdles we encountered along the way, and how we accomplished the somewhat surprising solution of using multiple technologies instead of just one.
Ian Haken, Netflix
author = {Ian Haken},
title = {Adventures in Authentication and Authorization},
year = {2023},
address = {Santa Clara, CA},
publisher = {USENIX Association},
month = jan
}