Loading…
16-17 June
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Japan 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Japan Standard Time (UTC+9:00)To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis. 
← Back to schedule
Mastering Authorization: Integrating Authentication and Authorization Data in Cloud Native Apps - Yoshiyuki Tabata, Hitachi, Ltd.
Tuesday June 17, 2025 14:50 - 15:20 JST
Level 1 | Pegasus Ballroom B2+C
Authorization is one of the most important considerations for cloud-native applications, as highlighted by the OWASP Top 10. For a long time, there was no clear standard, making authorization a significant challenge for many implementers. The OpenID Foundation AuthZEN WG is now working on standards, focusing on interfaces between PEP (Policy Enforcement Point) and PDP (Policy Decision Point), which provides some hope.
However, managing authorization data remains challenging. Since this data is closely related to authentication data, architects often struggle with how the OP (OpenID Provider) and PDP should manage and integrate it. There are multiple methods, and the best approach varies by use case.
In this session, Yoshiyuki Tabata will explain various methods for managing and integrating authentication and authorization data. He will also describe implementation using Keycloak for OP and Topaz for PDP, providing valuable insights into effective data management.
Speakers
avatar for Yoshiyuki Tabata

Yoshiyuki Tabata

Senior OSS Consultant, Hitachi, Ltd.
He's a Senior OSS Consultant at Hitachi, Ltd. As an expert in IAM and APIs, he has provided numerous consultations over the past decade, including designing API and Authn/Authz platforms. He has actively contributed to CNCF TAG Security and has added significant functionalities to... Read More →
Tuesday June 17, 2025 14:50 - 15:20 JST
Level 1 | Pegasus Ballroom B2+C
  Security

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link