Episode 093 - GluuFederation/identerati-office-hours GitHub Wiki

Title: Is TBAC the Future? Gluu, SGNL & Strata Weigh In

• Host: Mike Schwartz, Founder/CEO Gluu

• Guest: Atul Tulshibagwale, Co_Founder, CTO SGNL

• Guest: Gerry Gebel, VP Product & Standards at Strata Identity

• Linkedin Event

• Youtube Video

Description

TBAC is a new access control model that leverages the rich context encoded in tokens, such as JWTs, to make dynamic, fine-grained access decisions. Unlike existing models like RBAC, ABAC, or ReBAC, which rely on roles, attributes, or relationships, TBAC evaluates access based on the information embedded in a bundle of tokens, providing unparalleled flexibility and contextual awareness.

But is a new access control model needed? Is TBAC a re-hashing of other access control models, like ABAC or PBAC? Can tokens contain the context necessary to make decisions without access to other data sources? Could enterprises implement "Zero Standing Priviledge" using a TBAC approach?

In this episode of Identerati Office Hours, three of the leaders in modern enterprise identity will discuss the merits of TBAC and the arguments for and against the approach.

Homework

• Introducing Token-Based Access Control (TBAC)

• Token Based Acces Control: Part II

Takeaways

TBD

Livestream Audio Archive

Will be Here