Google Research has given us Macaroons (no, not the fancy, delicious cookies). Google’s Macaroons are an authorization model with support for contextually controlled caveats and the simplicity of a regular cookie. This allows a fine-grained and flexible approach to delegating privilege to principals in a decentralized way, allowing you to protect resources.
Brian Sletten introduces the underlying principles of Macaroons as he walks you through applying them in practice with nontrivial delegation scenarios, demonstrating how to build systems with strong controls as well as the freedom to transfer privileges to others with more narrow constraints.
The combination of simplicity, flexibility, and sophistication is a rare and desirable goal for modern security controls. Even if you aren’t interested in putting Macaroons in practice in your own work, it is worth diving deeper just to gain exposure to a technology with these properties.
Brian Sletten is the president of Bosatsu Consulting, where he focuses on web architecture, resource-oriented computing, social networking, the semantic web, data science, 3D graphics, visualization, scalable systems, security consulting, and other technologies of the late twentieth and early twenty-first centuries. A liberal arts–educated software engineer with a focus on forward-leaning technologies, Brian has worked in many industries, including retail, banking, online games, defense, finance, hospitality, and healthcare. He holds a BS in computer science from the College of William and Mary. Brian is a rabid reader and devoted foodie with excellent taste in music. If pressed, he might tell you about his international pop recording career.
©2016, O’Reilly UK Ltd • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org