BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ
News Articles Presentations Podcasts Guides

Topics

Choose your language

InfoQ Dev Summit Boston

Special Memorial Day Sale with significant discounts of up to 60% off. Register now.
InfoQ Dev Summit Munich

Special Summer Sale up to 60% off. Only 150 tickets available at this price.
QCon San Francisco

Level up your software skills by uncovering the emerging trends you should focus on. Register now.
The Software Architects' Newsletter

Your monthly guide to all the topics, technologies and techniques that every professional needs to know about. Subscribe for free.

InfoQ Homepage Access Control Content on InfoQ

News

RSS Feed
  • DevOps

    Styra's Policy as Code Report: Identity and Access Management Drives Adoption

    The State of Policy as Code report from Styra, based on a survey of 285 U.S. developers and technical decision-makers, highlighted that 97% of respondents believe policy as code is crucial for efficient software building in cloud environments. The report's key findings highlight policy as the code's role in enhancing development efficiency, security, and simplicity.

    Aditya Kulkarni
    on Dec 31, 2023
  • DevOps

    AWS Creates New Policy-Based Access Control Language Cedar

    AWS has created a new language for defining access permissions using policies called Cedar. Cedar is currently used within Amazon Verified Permissions and AWS Verified Access. Created by the AWS Automated Reasoning Group, Cedar is designed to be agnostic of AWS and simple to understand the effects of policies.

    Matt Campbell
    on Feb 19, 2023
  • Cloud

    AWS Announces Upcoming Security Changes in April 2023 for Amazon S3

    Recently AWS announced it would make two changes to Amazon Simple Storage Service (Amazon S3): all buckets in a region will have S3 Block Public Access enabled and access control lists (ACLs) disabled by default. These changes will take effect in April 2023 and will be rolled out by the company in all AWS regions within weeks.

    Steef-Jan Wiggers
    on Dec 27, 2022
  • DevOps

    Spotify Releases Enterprise Plugin Bundle for Backstage

    Spotify has released five plugins for Backstage as a purchasable bundle. The five plugins cover a variety of use cases including compliance, access control, employee education and satisfaction, and usage metrics. The plugins are a mix of existing Spotify tooling and new development specifically for this bundle.

    Matt Campbell
    on Dec 27, 2022
  • DevOps

    Scaling Access Management at Airbnb

    Airbnb's product engineering team recently discussed their implementation of a self-serving, centralized access control platform. Built on the principle of least privilege, the team designed a five-stage architecture, providing benefits from security, usability, and developer experience aspects.

    Aditya Kulkarni
    on Nov 04, 2022
  • Cloud

    Improve Access Control of Google Cloud SQL with IAM Conditions and Tags

    Recently, Google announced the general availability (GA) of IAM Conditions and Tags for Cloud SQL, a fully-managed relational database service for MySQL, PostgreSQL, and SQL Server.

    Steef-Jan Wiggers
    on Mar 08, 2022
  • Cloud

    Microsoft Launches Azure Active Directory-Based Access Control for Service Bus

    In a recent statement, Microsoft has announced the general availability of Azure Active Directory (AD) based access control for Service Bus, enabling the option to use identities in combination with Role Based Access Control (RBAC) to authenticate against the service’s data endpoints. Moreover, they have also introduced accompanying RBAC roles, providing granular control over granted permissions.

    Eldert Grootenboer
    on Sep 10, 2019
  • Cloud

    AWS Identity and Access Management Gains Tags and Attribute-Based Access Control

    Amazon Web Services (AWS) recently enabled tags for IAM users and roles to ease the management of IAM resources. Notably, this release also includes the ability to embrace attribute-based access control (ABAC) and match AWS resources with IAM principals dynamically to "simplify permissions management at scale".

    Steffen Opel
    on Feb 08, 2019
  • Cloud

    Google Releases New Security Features for Compute Engine: Resource-Level IAM and IAM Conditions

    Google announced two new Cloud Identity and Access Management (IAM) features to help customers manage their security and access control in the Google Compute Engine better. These features are the resource-level IAM to set policies on individual resources, and IAM conditions to grant access based on predefined conditions.

    Steef-Jan Wiggers
    on Oct 26, 2018
  • Cloud

    AWS Organizations Offers Centralized Policy-Based Account Management

    After a three month preview since re:Invent 2016, Amazon Web Services has recently moved AWS Organizations to general availability. The new service allows to centrally manage multiple AWS accounts within a hierarchy of organizational units and attach service control policies with fine-grained access permissions. AWS Organizations also supersede the formerly separate consolidated billing feature.

    Steffen Opel
    on Mar 31, 2017

  • Fine-Grained Authorization for Java Applications

    A fine-grained authorization system based on XACML specification can increase agility and control in addition to traditional role based access control method of authorizing users based on their roles. Subbu Devulapalli spoke at JavaOne 2010 Conference about standards and deployment models in user authorization. He also discussed best practices when implementing authorization in Java applications.

    Srini Penchikala
    on Oct 06, 2010
BT