Add to my Schedule Session Block—Applications
10 Sep 2019 10:40 AM - 11:00 AM (UTC)
20190910T1040 20190910T1100 UTC XACML for Developers - Updates, New Tools, & Patterns for the Eager #IAM Developer With the growth of users, apps, and data as well as the advent of cloud and DevOps, we see a sharp increase in the need to tackle contextual, fine-grained authorization. To address this, the members o... Transforming Privacy Law into Practice | 9-10 September | University of Oxford events@oasis-open.org

With the growth of users, apps, and data as well as the advent of cloud and DevOps, we see a sharp increase in the need to tackle contextual, fine-grained authorization. To address this, the members of the OASIS XACML Technical Committee have been working on the latest generation of their policy-based language to make it adapted to developers. When developers can implement policies without having to compile source code, then the application is policy-enabled. Policy-driven authorization has several benefits including lessening the burden on developers who will no longer have to write authorization code. Policies are also easier to maintain and audit and can tie straight into an enterprise's existing IAM environment. Policy-driven authorization makes it easier to implement complex scenarios such as GDPR compliance, export control, and many more use cases. This talk will navigate the universe of policy-driven authorization to introduce attendees to the different alternatives before diving into a live example using ALFA, Java, and JSON. the Abbreviated Language for Authorization. Attendees are encouraged to bring a laptop, follow along, and implement their own examples.