< session />
How Google Built a Consistent, Global Authorization System (You Can Too!)
Google Zanzibar is the global authorization service that powers access control across products like Google Docs, YouTube, and Cloud IAM. Designed to handle more than 10 million client queries per second, Zanzibar demonstrates how to achieve global-scale authorization with flexible consistency guarantees. This session unpacks the engineering principles behind Zanzibar and provides a practical guide for building similar systems.
Starting with the fundamentals of Relationship-Based Access Control (ReBAC), the talk explores how Zanzibar achieves correctness, scalability, and speed. Attendees will learn about the system’s APIs, how it manages consistency in a distributed environment, and how Google solved the “New Enemy” problem to maintain secure, real-time access control. The session concludes with a look at open-source tools and design patterns that can help teams implement Zanzibar-inspired authorization in their own applications.
What You Will Learn
-
The core ideas behind Google Zanzibar and Relationship-Based Access Control (ReBAC)
-
How to design globally consistent, distributed authorization systems at scale
-
How to use open-source frameworks and patterns to add scalable authorization to your applications
Who Should Attend
Software architects, backend engineers, security engineers, and developers building distributed systems that require fine-grained, consistent, and scalable access control.
< speaker_info />
About the speaker
Sohan Maheshwar
Lead Developer Advocate, AuthZed
Sohan is a Lead Developer Advocate at AuthZed, based in the Netherlands. He started his career as a developer building mobile apps and has been living in the cloud since 2013, in companies such as Amazon, Fermyon and Gupshup. He is also an O' Reilly author, having created a course on Cloud Concepts for Everyone.
He has always been interested in emerging technologies and how it shapes the world around us.
