Access control in message-driven systems by Marc Klefter

Protecting resources in a message-driven application poses difficult challenges due to its asynchronous nature, where an incoming user request entails backend processing at a later point in time, multiple message types (commands, events and queries) with different semantics and the triggering of complex, potentially long-running workflows.
Whereas a synchronous (request/response) invocation involves immediate authorization of known parties, e.g. one microservice directly calling another, enforcing permissions in a decoupled, dynamic system (where the producer of a message has no knowledge of who consumes it, or when) is considerably harder. As a result, access control has typically been confined to the application boundary, commonly in API gateways; this leaves internal services and assets exposed to any unauthorized subject, violating key principles of a zero trust environment.
This session focuses on securing access in a message-driven architecture using a token-based approach with Open Policy Agent (OPA), allowing each message, and the claims of the users and services behind it, to be verified at critical points throughout the asynchronous communication flow. The characteristics of the different message types (e.g. a command routed to a single target handler vs. an event that reaches one or more subscribers, may be stored long-term, replayed and possibly cross application boundaries), and their implications for how, where and when to perform access control, will be detailed with concrete examples, along with a discussion of performance and scalability aspects and of how to implement and deploy permission policies.
As we move towards building message-driven systems that operate in constantly-changing conditions, implementing novel access control measures that support zero trust and emerging interaction patterns becomes essential; this talk will help you achieve that.
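The following is an added illustration of the approach described in the abstract, not code from the talk or from Edument: a producer attaches a signed claims token to every message, and each consumer verifies the token and applies a policy rule that differs for commands (one target handler, token must still be live) and events (many subscribers, possibly replayed long after the token expired). The HMAC token, the role names, the policy table and the choice to judge an event's token validity at publish time are all assumptions of this example; a real deployment would verify an IdP-issued JWT and let OPA evaluate the rule over the same input.

```python
import base64, hashlib, hmac, json

# Constructed demo secret; a real deployment would verify an IdP-issued JWT instead of an HMAC token.
SECRET = b"constructed-demo-secret"

def issue_token(subject, roles, exp):
    """Mint a signed claims token that the producer attaches to every message it sends."""
    payload = base64.urlsafe_b64encode(
        json.dumps({"sub": subject, "roles": roles, "exp": exp}, sort_keys=True).encode())
    sig = hmac.new(SECRET, payload, hashlib.sha256).hexdigest()
    return payload.decode() + "." + sig

def verify_token(token):
    """Return the claims if the signature checks out, else None."""
    payload, _, sig = token.rpartition(".")
    expected = hmac.new(SECRET, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return None
    return json.loads(base64.urlsafe_b64decode(payload))

# Policy data standing in for what OPA would evaluate (assumed names): which producer roles
# may send each message and, for events, which consumers may subscribe to it.
POLICY = {
    "command": {"ShipOrder": {"roles": ["fulfillment"]}},
    "event": {"OrderShipped": {"roles": ["fulfillment"], "subscribers": ["billing", "notify"]}},
}

def authorize(message, consumer, now):
    """Consumer-side decision: verify the carried token, then apply the rule for the message kind."""
    claims = verify_token(message["token"])
    if claims is None:
        return False, "bad signature"
    rule = POLICY.get(message["kind"], {}).get(message["name"])
    if rule is None:
        return False, "unknown message"
    if not set(claims["roles"]) & set(rule["roles"]):
        return False, "producer lacks role"
    if message["kind"] == "command":
        # A command has exactly one intended handler and must still carry a live token.
        if message["target"] != consumer:
            return False, "wrong handler"
        if claims["exp"] < now:
            return False, "token expired"
    else:
        # Events may be stored and replayed long after the token expires, so (assumption made
        # here) validity is judged at publish time, and the consumer must be an allowed subscriber.
        if claims["exp"] < message["published_at"]:
            return False, "token expired at publish"
        if consumer not in rule["subscribers"]:
            return False, "subscriber not allowed"
    return True, "ok"
```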
Marc Klefter
Edument AB
Recorded at Jfokus 2024 in Stockholm, 7th of February
www.jfokus.se

Comments: 2

  • @gregorywestneat5957, 2 months ago

    Solid talk! Surprising how little there is out there talking about EDA security, in "end-to-end" terms - with reference to user auth (eg JWTs) - and how that translates to access controls between internal processing nodes (eg IAM / resource-based policies). This was definitely helpful. Learned a bunch. Thanks!

  • @MarcKlefter, 2 months ago

    thx for the feedback!