top | item 34869286

(no title)

jschorr | 3 years ago

Zanzibar is an authorization system Google built and describes in a paper [1], which uses relationships to make authorization decisions (aka ReBAC): if there exists a path of such relationships between a resource's permission and, say, a user, then the user is considered to have that permission on the resource. This structural approach to permission checking allows for high levels of scaling and low latency on checks.

Disclaimer: I am the cofounder of AuthZed, where we are building an open source version of Zanzibar known as SpiceDB [2]

[1] https://zanzibar.tech [2] https://github.com/authzed/spicedb

discuss

grogenaut|3 years ago

Is it spiced because the authorizations must flow?

jschorr|3 years ago

Indeed it is! :)