BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Penn Engineering Events - ECPv6.16.3//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:Penn Engineering Events
X-ORIGINAL-URL:https://seasevents.nmsdev7.com
X-WR-CALDESC:Events for Penn Engineering Events
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20230312T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20231105T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20240310T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20241103T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20250309T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20251102T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20241107T153000
DTEND;TZID=America/New_York:20241107T163000
DTSTAMP:20260603T001949
CREATED:20241017T201128Z
LAST-MODIFIED:20241017T201128Z
UID:12418-1730993400-1730997000@seasevents.nmsdev7.com
SUMMARY:CIS Seminar: "Cedar: A language for expressing fast\, safe\, and fine-grained authorization policies"
DESCRIPTION:Cedar is a new open-source authorization policy language\, used to express fine-grained permissions on behalf of applications. Rather than embed authorization logic in their application code\, developers can write that logic as Cedar policies and delegate access requests to Cedar’s evaluation engine. Cedar is designed to be ergonomic\, fast\, safe\, and analyzable. Cedar’s simple and intuitive syntax supports common authorization use-cases\, naturally leveraging concepts from role-based\, attribute-based\, and relation-based access control models. Cedar’s policy structure ensures that access requests can be authorized quickly. Cedar’s schema-based policy validator leverages optional typing to help policy writers avoid mistakes\, but not get in their way. Cedar’s design has been finely balanced to allow for a sound and complete logical encoding to a decidable first-order theory\, which enables precise automated policy analysis\, e.g.\, to ensure that when refactoring a set of policies\, the authorized permissions do not change. \nCedar is built using a high-assurance process called verification-guided development. Its authorization engine and validator are formally modeled in the Lean proof-enabled programming language. Cedar’s core development team proves safety and security properties about those models in Lean\, and runs millions of automated differential tests to check that the implementations of the Cedar authorization engine and validator\, written in Rust\, agree with the Lean models. \nCedar is used by AWS’s Amazon Verified Permissions and AWS Verified Access services\, and in third-party applications and services. Cedar’s code\, proofs\, and tests are open-source at https://github.com/cedar-policy. There are many interesting problems still to address\, especially in the areas of provable\, end-to-end security enforcement; automated specification and test generation; and formal reasoning about how policies can evolve.
URL:https://seasevents.nmsdev7.com/event/cis-seminar-cedar-a-language-for-expressing-fast-safe-and-fine-grained-authorization-policies/
LOCATION:Wu and Chen Auditorium (Room 101)\, Levine Hall\, 3330 Walnut Street\, Philadelphia\, PA\, 19104\, United States
ORGANIZER;CN="Computer and Information Science":MAILTO:cherylh@cis.upenn.edu
END:VEVENT
END:VCALENDAR