As we close out 2024, it’s time to reflect on all that has happened this year in the world of Authorization. It has been a wild year, with breaches, company pivots, an acquisition, some fundraising, and most of all: shipping cool stuff. At AuthZed, we mostly focus on end-user-facing authorization, so this review will probably (read: definitely) be biased toward things that have happened in that space. Without further ado, let’s start with some notable breaches.
Broken Access Control Breaches
In 2024, we saw a few notable breaches that were the result of either broken or missing access control. The first such breach happened to Kia.
Kia Dealership Registration Bug
In September, researchers found a bug that allowed them to register as a dealer without being verified. They then found a way to leverage that into remote control of individual vehicles based only on the license plate! They could start, stop, lock, and unlock at a minimum.
Dropbox API Key Compromise
Back in April, attackers compromised a service account in Dropbox’s Sign service, which allowed them access to sensitive information such as unhashed API keys and hashed passwords. By compromising a service account, rather than a regular user account, they managed to get far more access than usual.
Attacker Obtains Access to 49 Million Dell Records
In April, an attacker managed to abuse a partnership registration API to get access to sensitive information from Dell. Similar to the Kia breach, they leveraged the ability to register as a partner to get access to more first-party information. The breach was discovered when the attacker attempted to sell the information online.
SSRF Bug in Next.js
While not exactly a broken access control breach, the last breach involves the very popular Next.js framework. In May, a pair of vulnerabilities were discovered in Next.js, the more interesting of which allows a Server-Side Request Forgery (SSRF) attack, which (similarly to broken access control) can trick servers into handing out unauthorized data to an attacker.
Solutions Divide into Zanzibar and Policy Engines
If you’re creating a solution in the authorization space, it’s widely known that the status quo for most companies and applications is hand-written authorization code. We recommend against this practice for a variety of reasons: inflexibility, the sensitive nature of the code, authorization model skew between applications in a suite, impact on feature velocity, etc. Solutions, almost by definition, must offer a vision of how authorization should work that is contrary to the idea that we can solve any authorization challenge with just a bit more code. To that end, we’ve started to see the industry congeal around primarily two paradigms: policy engines such as OPA, and Zanzibar.
Policy Engines
Policy engines are based on the core concepts in Attribute-Based Access Control (ABAC) where you feed relevant information to a computer program and that program makes an access control decision on the spot. The program usually doesn’t have any state or context outside of what is fed to it at the time of access, which allows for quick decisions once all of the data has been assembled. These programs are usually written in a logic programming language such as Datalog or AWS’s Cedar.
There are some applications where this model is really nice, particularly for decisions where all of the state is readily available at decision time. Think: a stateless web filter that is basing decisions on IP addresses, headers, and URLs. For these types of workloads, you don’t pay any penalty for retrieving the information at request time. For workloads that have context out of band, such as an existing relationship between the requesting user and the data in question, you must first retrieve that information before you can feed it to the decision engine. For these types of decisions, many users and businesses find a solution based on Zanzibar to be a better fit.
Zanzibar
In 2019, Google published a paper called “Zanzibar: Google’s Consistent, Global Authorization System”, colloquially known as the Zanzibar Paper. In this paper, Google lays out the most recent evolution of their internal authorization: from hand-written code, through a shared library, and finally to a centralized service. The system they describe is scalable, flexible, consistent, performant, and highly available.
At AuthZed, we’ve built the most robust open-source project modeled after Google’s Zanzibar: SpiceDB. Thanks to the performant and scalable nature of the solution, businesses now have a common and centralized way for all applications to share both an authorization model, AND the underlying state, allowing for some amazing interactions between applications and services. If Google has ever warned you about sending an email with a link to a document to which the receiver doesn’t have access, you’ve seen Zanzibar in action!
We’re not the only ones who have noticed how great of a solution Zanzibar is; there are many players in this space now. Without listing them all, I will just say that I personally believe that solutions from AuthZed are the most faithful implementation of the concepts in Zanzibar. We’re the only solution that has implemented most of the performance and reliability aspects of Zanzibar, such as Materialize (an answer to the paper’s Leopard Cache), from which it derives its resiliency and incredible tail-call latencies.
It also makes for a killer engine to secure AI interactions on behalf of users.
Authorization at the Confluence of Data and AI
The Current AI Revolution
Unless you’ve been blissfully living under a rock for the past few years, you’ve probably heard about humanity’s newest iteration of AI. In January of 2022, OpenAI took the world by storm by releasing DALL-E, a generative AI system which could create compelling images that didn’t exist anywhere in its training set. People were blown away. Many teeth were gnashed and many hands were wrung. Ultimately it seemed like there was still room in this world for humans as the output was good, but it wasn’t that good. In November of that same year OpenAI released ChatGPT, and all hell broke loose.
With the release of ChatGPT, AI finally felt intelligent to many. A Google system which performs a similar function was so compelling that an engineer was fired for claiming their system was sentient, and therefore had rights. Since then, AI has taken the world by storm, besting humans in all kinds of tasks, such as test-taking, interviewing, and now maybe thinking itself?
Interest from investors and businesses has been incredibly high, with AI taking the lion’s share of investment dollars in 2023 and 2024. OpenAI, the company that kicked our current wave into high gear, recently closed the largest venture capital round in history, so far.
Guardrails for AI
Businesses are sitting on an absolute gold mine of data, and they are hungry to put it to work. By connecting their data to cutting edge AI models such as OpenAI’s GPT-4o and o1, or Meta’s Llama through a process called Retrieval Augmented Generation (RAG), companies hope to gain all manners of productivity, insight, and efficiency. The only problem is: AI is prone to oversharing.
LLMs and AI in general have been trained by humans to be as helpful as possible. So when you ask an AI for something that you really shouldn’t have access to, it will happily go and fetch that data and give it to you. A query such as “Please generate a list of the top 10 highest-paid employees at the company, and anything negative associated with them from their personnel files” will be happily executed and returned, if the LLM has access to that data.
I hear you shouting: “Just don’t give them access to the personnel records!” through the internet. But what if analyzing the personnel records is actually your job? We have to have a more nuanced take on restricting access to data. Ideally, access would be granted at the granularity of the user on whose behalf the AI is acting. If Esin from HR has access to personnel records, then the model should be able to use those to help them with their work.
That’s where an authorization solution comes in. If you can store and retrieve the complex web of relationships that provides anyone at a company with access to any information at the company, and use that at retrieval time to gate access to data, you can have it all! If the underlying data is coming from Sharepoint, your RAG process should respect the access control already defined in SharePoint when making that data available to end-users.
This problem gets even more important when we enter the world of agentic AI. Imagine if AIs can start to take action within the context of a business. “ChatGPT, please make up a reason to fire Aaren, and then do it!” should not be faithfully executed based merely on the audacity to make such a request!
Movers and Shakers in Authorization
I will conclude my 2024 recap with a list of some of the companies and projects that are making waves in the authorization community.
Fundraising and Acquisitions
We at AuthZed finally pulled the trigger on a Series A! In June we announced our $12M round led by General Catalyst, with plans to bring Materialize and democratized access to physically geolocated permissions systems similar to what we do with AuthZed Dedicated.
In February, Permit.io announced an $8M Series A to scale up their Open Policy Agent (OPA) based Administration Layer (OPAL) solution.
In April, Zanzibar-like Keto creator Ory announced a new CEO and a $5M Series A extension, in a bid to spruce up their all-in-one solution Ory Network.
Finally, also in April, WorkOS announced that they had acquired Warrant.dev for undisclosed compensation. WorkOS plans to offer Warrant’s Zanzibar-like permissions model as part of their platform which claims to package SaaS apps for enterprise consumption.
Other News
Okta’s new authorization product Okta FGA has now reached GA status, focused mostly on a multi-tenant cloud offering, with a private cloud offering available in a few select AWS regions.
Fellow NYC-based company Oso, which offers an authorization service based around their Polar logic language, has now changed their messaging to focus mostly on RBAC, after a brief foray into Zanzibar.
Goodbye 2024, Hello 2025
As you can see, a lot has happened in 2024! We’re excited to be part of such an incredible transformation, as companies finally have better options when it comes to building delightful authorization-driven experiences into their applications. Stay tuned for a future post where I will lay out some predictions for 2025 that will likely turn out to be laughably wrong. To erroneously quote Abraham Lincoln: “The best way to predict the future, is to create it.” So maybe a few predictions will end up right after all!
