Cedar: A New Language for Expressive, Fast, Safe, and Analyzable Authorization-Reference-Cited by-同舟云学术

Cedar: A New Language for Expressive, Fast, Safe, and Analyzable Authorization

Published:2024-04-29 Issue:OOPSLA1 Volume:8 Page:670-697
ISSN:2475-1421
Container-title:Proceedings of the ACM on Programming Languages
language:en
Short-container-title:Proc. ACM Program. Lang.

Author:

Cutler Joseph W.¹^ORCID,Disselkoen Craig²^ORCID,Eline Aaron²^ORCID,He Shaobo³^ORCID,Headley Kyle⁴^ORCID,Hicks Michael²^ORCID,Hietala Kesha²^ORCID,Ioannidis Eleftherios¹^ORCID,Kastner John²^ORCID,Mamat Anwar⁵^ORCID,McAdams Darin⁶^ORCID,McCutchen Matt⁷^ORCID,Rungta Neha⁶^ORCID,Torlak Emina⁶^ORCID,Wells Andrew M.³^ORCID

Affiliation:

1. University of Pennsylvania, Philadelphia, USA

2. Amazon Web Services, Arlington, USA

3. Amazon Web Services, Santa Clara, USA

4. Unaffiliated, Arlington, USA

5. University of Maryland, College Park, USA

6. Amazon Web Services, Seattle, USA

7. Unaffiliated, Rockville, USA

Abstract

Cedar is a new authorization policy language designed to be ergonomic, fast, safe, and analyzable. Rather than embed authorization logic in an application’s code, developers can write that logic as Cedar policies and delegate access decisions to Cedar’s evaluation engine. Cedar’s simple and intuitive syntax supports common authorization use-cases with readable policies, naturally leveraging concepts from role-based, attribute-based, and relation-based access control models. Cedar’s policy structure enables access requests to be decided quickly. Cedar’s policy validator leverages optional typing to help policy writers avoid mistakes, but not get in their way. Cedar’s design has been finely balanced to allow for a sound and complete logical encoding, which enables precise policy analysis, e.g., to ensure that when refactoring a set of policies, the authorized permissions do not change. We have modeled Cedar in the Lean programming language, and used Lean’s proof assistant to prove important properties of Cedar’s design. We have implemented Cedar in Rust, and released it open-source. Comparing Cedar to two open-source languages, OpenFGA and Rego, we find (subjectively) that Cedar has equally or more readable policies, but (objectively) performs far better.

Publisher

Association for Computing Machinery (ACM)

Link

https://dl.acm.org/doi/pdf/10.1145/3649835

Reference55 articles.

1. Subtyping with singleton types

2. authzed-spicedb 2024. spicedb. https://github.com/authzed/spicedb. Open Source Google Zanzibar-inspired permissions database to enable fine-grained access control for customer applications.

3. aws-iam 2024. Access Management – AWS Identity and Access Management (IAM). https://aws.amazon.com/iam/.

4. azure-policy 2024. Azure policy documentation. https://learn.microsoft.com/en-us/azure/governance/policy/.

5. John Backes Pauline Bolignano Byron Cook Catherine Dodge Andrew Gacek Kasper Luckow Neha Rungta Oksana Tkachuk and Carsten Varming. 2018. Semantic-based Automated Reasoning for AWS Access Policies using SMT. In 2018 Formal Methods in Computer Aided Design (FMCAD). 10.23919/FMCAD.2018.8602994

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Topaz: Declarative and Verifiable Authoritative DNS at CDN-Scale;Proceedings of the ACM SIGCOMM 2024 Conference;2024-08-04

2. How We Built Cedar: A Verification-Guided Approach;Companion Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering;2024-07-10