Back to the Basics: Authentication and Authorization 101

Authn and Authz - two basic security needs for every platform, environment, or application. This talk will dive into these two technologies and the corresponding OSS.

Authentication in computing: verifying a user, process, or machine. Authorization in computing: allowing the correct access to an asset. These are two basic ideas that often get confused, even with developers 5+ years into their career. They are technologies that get tacked on after an application is already created, making it a headache for those SRE, DevOps, or Platform Engineers who have to run the application.

But it doesn’t have to be this way.

Let’s go back to the basics and think about authentication and authorization as you greenfield. In case you are already past that point and are needing to tack on authn or authz to your current stack, we will outline tools to make that possible as well.

This talk will go through:

  1. The history of authentication and authorization
  2. Defining each and how they work together in computing
  3. Free, open source tools you can use for your own authentication and authorization needs



Jenessa Petersen

Jenessa Petersen has spent the last 10 years entrenched in the far reaches of infrastructure technology: At CoreOS, Let’s Encrypt, Smallstep, and now at AuthZed. She lives and breathes free and open ...