The talk introduces a service implementation that provides services to support access control functionalities. In the cloud environment, access control is usually supported by Identity and Access Management (IAM) services provided by the cloud providers. These solutions are well established and well-integrated into the cloud. Still, they are rarely granular enough to support all the access control functionalities of business applications. A conventional business application implements the granular access control requirements into the business-specific code. The service introduced in the presentation shows that access control can be separated from the application logic. It can be implemented to provide a unified approach to access control for all enterprise applications, may they run in the house, in the cloud, even with multiple cloud providers. Utilizing such a structure may eventually enable the development of business agnostic services. Using those, in the long run, developers can develop business applications utilizing only client code.
This architecture was not only designed as a white paper but was also developed in EPAM as a research project and reached PoC and MVP state 2020-09 and 2020-10.