Authentication Protocols LDAP(Lightweight Directory Access Protocol) For years most of the enterprises have been maintaining their own LDAP based user store to store user details along with username and password. Directly calling this storage and validating the password against stored one caters for basic authentication. With the cloud services availability and popular…

Just to capture my thoughts on Google Zanzibar based on the published research paper at https://storage.googleapis.com/pub-tools-public-publication-data/pdf/41f08f03da59f5518802898f68730e247e23c331.pdf Scale of Zanzibar and realizing it acts as the central access control system for 100s of Google services itself earned lot of respect as I just started. Since it’s shared by many different services…

SAML — Security Assertion Markup Language OAuth — Open Authorization If you have some understanding on SAML and OAuth, you may have found it an incomparable battle. Yes, though both SAML and OAuth deal with Identity and Access Management(IAM) they focus on different aspects. …

User authentication is an ever-evolving aspect which has gone through rapid revamps along the path, from basic authentication, multi-factor, social, bio-metric and password-less. Finding the right balance between security aspects and seamless user experience has driven advancements in this regards. I would name Google One Tap(GOT) as one such effort…

Open Policy Agent[1] is a promising, lightweight and very generic policy engine to govern authorization is any type of domain. …