Sign up to save your podcasts
Or
Share Building Smarter Authorization Systems with Sam Scott
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Building Smarter Authorization Systems with Sam Scott
This episode explores the intricacies of authorization in software development with Sam Scott, CTO and co-founder of Oso. This conversation highlights the subtle yet critical differences between authentication and authorization, and why understanding these distinctions is pivotal for securing applications effectively. Sam shares his journey from a cryptography PhD to tackling real-world software security problems, emphasizing Oso's mission to streamline authorization for developers. The episode is rich with insights on how fine-grained authorization can significantly improve security posture and user experience, drawing on examples from prominent tech companies like AWS and Google Cloud. Sam also introduces Oso's innovative approach to authorization, simplifying permission management without sacrificing flexibility or control, making it an indispensable tool for developers navigating the complex landscape of modern software security.
Show Highlights:
(00:00) Introduction
(01:49) Insights from Sam's PhD in cryptography
(01:56) Understanding the difference between authentication and authorization
(04:05) The real-world implications of key management and the role of authorization in security
(06:02) Explaining role-based access control and its practical applications in cloud environments
(10:47) The complexities of managing access controls in microservices architectures
(15:37) How Oso simplifies the implementation of authorization for developers
(19:21) Discussion on the importance of consistent authorization practices across internal and external applications
(25:14) Sam explains the challenges and necessity of implementing user impersonation features in authorization systems
(31:12) The future of authorization technologies and integrating them into business practices
(35:38) Where to find more resources about Oso and get involved with their community
About Sam:
Sam is the cofounder/CTO at Oso, working on making security and authorization more accessible for developers. Sam previously got a PhD in Cryptography and was a contributor to TLS 1.3
Links referenced:
Oso Website: https://www.osohq.com/
Oso’s Authorization Academy: https://www.osohq.com/academy/authorization-academy
Oso Community:
https://join-slack.osohq.com/
https://oso-oss.slack.com/join/shared_invite/zt-1ygg193va-UTUiT7Gwt7DjZGgF96Ze~w#/shared-invite/email
* Sponsor
Oso: https://www.osohq.com/
View all episodes
By Corey Quinn
4.7
9292 ratings
This episode explores the intricacies of authorization in software development with Sam Scott, CTO and co-founder of Oso. This conversation highlights the subtle yet critical differences between authentication and authorization, and why understanding these distinctions is pivotal for securing applications effectively. Sam shares his journey from a cryptography PhD to tackling real-world software security problems, emphasizing Oso's mission to streamline authorization for developers. The episode is rich with insights on how fine-grained authorization can significantly improve security posture and user experience, drawing on examples from prominent tech companies like AWS and Google Cloud. Sam also introduces Oso's innovative approach to authorization, simplifying permission management without sacrificing flexibility or control, making it an indispensable tool for developers navigating the complex landscape of modern software security.
Show Highlights:
(00:00) Introduction
(01:49) Insights from Sam's PhD in cryptography
(01:56) Understanding the difference between authentication and authorization
(04:05) The real-world implications of key management and the role of authorization in security
(06:02) Explaining role-based access control and its practical applications in cloud environments
(10:47) The complexities of managing access controls in microservices architectures
(15:37) How Oso simplifies the implementation of authorization for developers
(19:21) Discussion on the importance of consistent authorization practices across internal and external applications
(25:14) Sam explains the challenges and necessity of implementing user impersonation features in authorization systems
(31:12) The future of authorization technologies and integrating them into business practices
(35:38) Where to find more resources about Oso and get involved with their community
About Sam:
Sam is the cofounder/CTO at Oso, working on making security and authorization more accessible for developers. Sam previously got a PhD in Cryptography and was a contributor to TLS 1.3
Links referenced:
Oso Website: https://www.osohq.com/
Oso’s Authorization Academy: https://www.osohq.com/academy/authorization-academy
Oso Community:
https://join-slack.osohq.com/
https://oso-oss.slack.com/join/shared_invite/zt-1ygg193va-UTUiT7Gwt7DjZGgF96Ze~w#/shared-invite/email
* Sponsor
Oso: https://www.osohq.com/
More shows like Screaming in the Cloud
View all
Software Engineering Radio
271 Listeners
Hanselminutes with Scott Hanselman
383 Listeners
The Changelog: Software Development, Open Source
289 Listeners
The a16z Show
1,084 Listeners
Software Engineering Daily
626 Listeners
The Cloudcast
153 Listeners
Thoughtworks Technology Podcast
43 Listeners
Y Combinator Startup Podcast
226 Listeners
Syntax - Tasty Web Development Treats
987 Listeners
AWS Podcast
203 Listeners
AWS Morning Brief
79 Listeners
The Stack Overflow Podcast
64 Listeners
Dwarkesh Podcast
503 Listeners
Oxide and Friends
62 Listeners
The AI Daily Brief: Artificial Intelligence News and Analysis
608 Listeners