Get the eBook free when you register your print book at Manning.
Stale permissions and manual access policy enforcement are a constant security risk. Dynamic authorization—automatic systems that eliminate permanent access grants and manual review-and-revise processes—can radically improve access control. This practical, focused book shows you how to switch from crude yes/no permissions to flexible, policy-driven rules that adapt instantly.
Access control needs evolve as users require short-term data access, location-based services, temporary work assignments, or changing employment status. Dynamic authorization systems adapt access in real time. This book presents a view of dynamic authorization that merges role-based, attribute-based, and relationship-based models into a single framework. You'll learn exactly how dynamic authorization works, as well as the governance, architecture, and team structures necessary to sustain the approach in the enterprise.
Authorization in Action shows you how to:
• Establish RBAC, ABAC, and ReBAC for dynamic authorization
• Design adaptive access control policies
• Implement policy-based access control (PBAC)
• Integrate decision logic with organizational data
• Establish clear authorization governance structures
About the book
Authorization in Action comes to life through the all-too-real access control struggles facing the fictional ACME Corp's customer, HR, and engineering systems. Step-by-step walkthroughs make these examples concrete, while real-world incidents—like the Target data breach—show what's at stake when authorization goes wrong. You'll implement a dynamic authorization framework integrating the Cedar authorization policy language and the RBAC, ABAC, and ReBAC models, and you'll design adaptive policies that reflect real business rules. Plus, you'll build governance structures with clear ownership, aligned teams, and processes to review, audit, and evolve at scale.
About the reader
For IT workers, executives, directors, and product managers who know the basics of systems architecture.
About the author
Phil Windley is co-founder and organizer of the Internet Identity Workshop and Executive Director of the IIW Foundation, advancing human-centered digital identity. He was Founding Chair of the Sovrin Foundation (2016-2020) and most recently served as Senior Software Development Manager at AWS Identity.
