Software at Scale
Software at Scale
Software at Scale 46 - Authorization with Or Weis

Software at Scale 46 - Authorization with Or Weis

RBAC, ABAC, GBAC, OPAL, and even more acronyms in this deep-dive of permission management

Or Weis is the CEO and founder of, a Permission as a Service platform. Previously, he founded Rookout, a cloud-debugging tool.

Apple Podcasts | Spotify | Google Podcasts

Share Software at Scale

Many of us have struggled (or are struggling) with permission management in the various applications we’ve built. The complexity of these systems always tends to increase through business requirements - for example, some content should only be accessed by paid users or users in a certain geography. Certain architectures like filesystems have hierarchical permissions that efficient evaluation, and there’s technical complexity that’s often unique to the specific application.

We talk about all the complexity around permission management, and techniques to solve it in this episode. We also explore how Permit tries to solve this as a product and abstract this problem out for everyone.


[0:00] - Why work on access control?

[02:00] - Sources of complexity in permission management

[08:00] - Which cloud system manages permissions well?

[11:00] - Product-izing a solution to this problem

[17:00] - What kind of companies approach you for solutions to this problem?

[22:00] - Why are there research papers written about permission management?

[38:00] - Permission management across the technology stack (inter-service communication)

[42:00] - What are you excited about building next?

Software at Scale
Software at Scale
Software at Scale is where we discuss the technical stories behind large software applications.