Despite being published back in 2019, there has been a sudden surge of interest in Google Zanzibar, the system used at Google for handing authorizatio

Zanzibar from Scratch

submited by
Style Pass
2021-08-05 17:30:06

Despite being published back in 2019, there has been a sudden surge of interest in Google Zanzibar, the system used at Google for handing authorization. Hardly the most exciting topic in the world, right? But in the last few months, engineering teams at AirBnb and Carta have developed their own internal versions of Zanzibar.

Where is all this recent interest coming from? I can only speculate, but it seems more people are realizing that authorization is the next piece of software to be unbundled .

I realized today that I had never talked publicly about something really important about the design of access control systems: design their semantics to be reverse-indexable. This is a much spicier take than it sounds like, but there's a good reason. 🧵 [1/]

Put simply, reverse-indexable means that instead of being able to answer "can this user access resource X", you can instead ask: "what can this user access?" or "who can access this file?".

Leave a Comment