Episode 179 - GluuFederation/identerati-office-hours GitHub Wiki

Title: Identity-Centric to Proof-Centric Authz Models

Channels

Description

In systems driven by APIs and AI agents, authorization is shifting from IDENTITY-CENTRIC to PROOF-CENTRIC models. Instead of relying on a single identity, decisions increasingly evaluate multiple signals — access tokens, device posture, workload identity, and contextual claims. That makes ARC-style evaluation (Action → Resource → Context) closer to how modern policy engines and zero-trust architectures already operate in cloud platforms.

Homework

Programs do good things, but also do bad,
making software security more than a fad.
The authority of programs, we do need to tame.
But bad things still happen. Who do we blame?

From the very beginnings of access control:
Should we be safe by construction,
or should we patrol?
Horton shows how, in an elegant way,
we can simply do both, and so save the day.

with apologies to Dr. Seuss

Takeaways

  • ⚡ Capabilities simplify delegation; consider your car keys, which are identity-unaware.

  • ⚡ It makes no sense to manage ephemeral AI identities like workforce identities. As Sankarshan Mukhopadhyay asserts: "The shift from human review to cryptographic verification is not a preference for technical elegance over human judgment. It is a recognition that human judgment cannot scale to the volume or speed of machine-generated content, and that indeterminate provenance in an agentic economy is not merely inconvenient. It is a governance failure waiting to become a liability crisis."

  • ⚡ Alan sees a capability as a "transferable proof of permission", for example, your car key. This shifts enforcement toward possession of explicit authorization evidence rather than looked-up privileges in a graph.

  • ⚡ Capability-based access control was so toxic at one point that Alan had to invent new jargon to re-brand it.
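One way to make the "transferable proof of permission" and ARC ideas above concrete, as an added example that is not from the episode or from Gluu's code: a capability is minted as a signed statement of action, resource and context constraints that names no subject, and the enforcement point verifies the proof and then matches Action → Resource → Context against the signals the presenter exhibits (device posture, workload identity). The HMAC key, resource paths and signal names are constructed for illustration.

```python
import hashlib
import hmac
import json
import time

KEY = b"constructed-demo-key"  # constructed for illustration; a real issuer keeps this in a KMS/HSM


def mint_capability(action, resource, ctx_constraints, ttl_s, key=KEY, now=None):
    """Issue a capability: a signed (action, resource, context) statement with no subject.

    Like a car key, it names what may be done, not who may do it, so it can be handed on."""
    body = {
        "action": action,
        "resource": resource,
        "ctx": ctx_constraints,  # signals the presenter must exhibit, e.g. device posture
        "exp": int(now or time.time()) + ttl_s,
    }
    payload = json.dumps(body, sort_keys=True)
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


def evaluate_arc(cap, action, resource, context, key=KEY, now=None):
    """Proof-centric decision: verify the proof first, then match Action -> Resource -> Context.

    No identity is looked up; the decision rests on the presented evidence and live signals."""
    expected = hmac.new(key, cap["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cap["tag"]):
        return False, "invalid proof"
    body = json.loads(cap["payload"])
    if int(now or time.time()) >= body["exp"]:
        return False, "expired"
    if body["action"] != action:
        return False, "action mismatch"
    if body["resource"] != resource:
        return False, "resource mismatch"
    for signal, required in body["ctx"].items():  # every bound context signal must hold
        if context.get(signal) != required:
            return False, f"context signal {signal!r} not satisfied"
    return True, "allowed"


if __name__ == "__main__":
    # Constructed scenario: a user mints a read capability and hands it to a rendering workload.
    cap = mint_capability("read", "/reports/q3.pdf",
                          {"device_posture": "compliant", "workload": "report-renderer"}, ttl_s=300)
    presented = {"device_posture": "compliant", "workload": "report-renderer"}
    print(evaluate_arc(cap, "read", "/reports/q3.pdf", presented))   # (True, 'allowed')
    print(evaluate_arc(cap, "write", "/reports/q3.pdf", presented))  # (False, 'action mismatch')
```

Because the token names no subject, whoever holds it can present it, exactly like the car key; the expiry and the bound context signals are what keep that transferability from becoming unbounded.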

Livestream Audio Archive

here