Justin Cormack (https://www.cloudatomiclab.com, https://twitter.com/justincormack) presents the paper:
"ACL's Don't" by Tyler Close.
Download Paper: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.406.4684&rep=rep1&type=pdf
Access control lists, in the form of RBAC and related technology are everywhere. They are fundamental to how we design authorisation mechanisms in systems today. However they don’t actually work, as this lovely, short and beautifully written paper by Tyler Close from 2009 explains, and major security issues such as the recent Kubernetes vulnerability continue to happen because of this.
Justin Cormack is a security engineer at Docker, based in Cambridge.
Wellcome Trust, Gibbs Building
215 Euston Road
London NW1 2BE
The nearest tube station is Euston/Euston Square. The schedule:
• 6.30pm: pizza and drinks
• 7:00pm: presentation starts
• 8:00pm: presentation end
Meetup are captured on video and uploaded on the PWL London Youtube channel https://www.youtube.com/channel/UCEYe-1uDIkjPtuH_qhoybnA