Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage Access Control Content on InfoQ


RSS Feed
  • Styra's Policy as Code Report: Identity and Access Management Drives Adoption

    The State of Policy as Code report from Styra, based on a survey of 285 U.S. developers and technical decision-makers, highlighted that 97% of respondents believe policy as code is crucial for efficient software building in cloud environments. The report's key findings highlight policy as the code's role in enhancing development efficiency, security, and simplicity.

  • AWS Creates New Policy-Based Access Control Language Cedar

    AWS has created a new language for defining access permissions using policies called Cedar. Cedar is currently used within Amazon Verified Permissions and AWS Verified Access. Created by the AWS Automated Reasoning Group, Cedar is designed to be agnostic of AWS and simple to understand the effects of policies.

  • AWS Announces Upcoming Security Changes in April 2023 for Amazon S3

    Recently AWS announced it would make two changes to Amazon Simple Storage Service (Amazon S3): all buckets in a region will have S3 Block Public Access enabled and access control lists (ACLs) disabled by default. These changes will take effect in April 2023 and will be rolled out by the company in all AWS regions within weeks.

  • Spotify Releases Enterprise Plugin Bundle for Backstage

    Spotify has released five plugins for Backstage as a purchasable bundle. The five plugins cover a variety of use cases including compliance, access control, employee education and satisfaction, and usage metrics. The plugins are a mix of existing Spotify tooling and new development specifically for this bundle.

  • Scaling Access Management at Airbnb

    Airbnb's product engineering team recently discussed their implementation of a self-serving, centralized access control platform. Built on the principle of least privilege, the team designed a five-stage architecture, providing benefits from security, usability, and developer experience aspects.

  • Improve Access Control of Google Cloud SQL with IAM Conditions and Tags

    Recently, Google announced the general availability (GA) of IAM Conditions and Tags for Cloud SQL, a fully-managed relational database service for MySQL, PostgreSQL, and SQL Server.

  • Microsoft Launches Azure Active Directory-Based Access Control for Service Bus

    In a recent statement, Microsoft has announced the general availability of Azure Active Directory (AD) based access control for Service Bus, enabling the option to use identities in combination with Role Based Access Control (RBAC) to authenticate against the service’s data endpoints. Moreover, they have also introduced accompanying RBAC roles, providing granular control over granted permissions.

  • AWS Identity and Access Management Gains Tags and Attribute-Based Access Control

    Amazon Web Services (AWS) recently enabled tags for IAM users and roles to ease the management of IAM resources. Notably, this release also includes the ability to embrace attribute-based access control (ABAC) and match AWS resources with IAM principals dynamically to "simplify permissions management at scale".

  • Google Releases New Security Features for Compute Engine: Resource-Level IAM and IAM Conditions

    Google announced two new Cloud Identity and Access Management (IAM) features to help customers manage their security and access control in the Google Compute Engine better. These features are the resource-level IAM to set policies on individual resources, and IAM conditions to grant access based on predefined conditions.

  • AWS Organizations Offers Centralized Policy-Based Account Management

    After a three month preview since re:Invent 2016, Amazon Web Services has recently moved AWS Organizations to general availability. The new service allows to centrally manage multiple AWS accounts within a hierarchy of organizational units and attach service control policies with fine-grained access permissions. AWS Organizations also supersede the formerly separate consolidated billing feature.

  • Fine-Grained Authorization for Java Applications

    A fine-grained authorization system based on XACML specification can increase agility and control in addition to traditional role based access control method of authorizing users based on their roles. Subbu Devulapalli spoke at JavaOne 2010 Conference about standards and deployment models in user authorization. He also discussed best practices when implementing authorization in Java applications.