Implementing Complex IoT Fine-Grained Access Policies

Alex Babeanu’s presentation from Cloud Identity Summit 2017: Implementing Complex IoT Fine-Grained Access Policies.


Device manufacturers often have to manage hundreds of millions of devices, spread out across a variety of regions and dealing with many different types of identities. Traditional/legacy tools are often ill-suited or simply lack the necessary throughput to model and solve the complexities inherent to such large volumes. This session illustrates, through real-life examples, how Graph Databases can help solve these problems. Access Policies are nothing more than (sometimes complex) relationships between resources and identities. Graph Databases are particularly well-suited for modelling relationships and are therefore extremely efficient tools for managing fine-grained access policies. Additionally, Graphs add meaning to data, in effect creating semantic webs of knowledge that can be reused across domains. These novel tools have considerably simplified the modelling of these complex policies and thus tremendously improved the performance, maintainability, and scalability of the overall system. Beyond the realm of pure IoT, these tools could also greatly improve any Identity Relationship Management (IRM) effort.