Update Jul 29, 2021: The Papers We Love video is available and included in this post.
Google's Zanzibar paper was the initial inspiration for Authzed and continues to provide insight as we build our product. But we're not the only ones interested in this technology: the broader software community has also taken an interest in activity around Zanzibar-inspired permissions systems.
(A recent Google trends search corroborates this observation.)
Coincidentally, our CEO Jake recently presented the Zanzibar paper for Papers We Love, and his talk included a survey of the current landscape of (known) Zanzibar-based implementations. In this talk, he collected the following implementations and reviewed each of them against a rubric.
The rubric comprises a set of subjective measures intended to accentuate the design decision differences between the services.
Zanzibar Scorecard
- Paper faithfulness: How closely does the implementation follow the original paper?
- Scalability: Is the implementation distributed?
- CAP Compromise: What CAP trade-offs are taken?
- New enemy?: Does the implementation support zookies?
- Dev UX: Are supporting developer tools provided?
The video of his talk includes the detailed discussion of each of these services and we'll post a link as soon as it becomes available is available to view now:
Can you guess how each service did according to Jake's scorecard?
Here's the scorecard for Airbnb's Himeji as a preview.
Airbnb Himeji
Criteria | Score |
---|---|
Paper faithfulness | Medium |
Scalability | High |
CAP Compromise | AP |
New enemy? | No zookies |
Dev UX | Average |
{style="width: unset"} |
Share your thoughts in the Zanzibar discord or introduce any new Zanzibar-inspired implementations not covered yet.
Image credit: dschenkelman
Additional Reading
If you’re interested in learning more about Authorization and Google Zanzibar, we recommend reading the following posts: