To control access to their data and resources, AWS users write policies that express fine-grained permissions. An authorization engine evaluates these policies trillions of times a day to determine if access is allowed. The authorization engine is a critical part of the security, availability, and correctness of AWS. To raise the bar in the security and correctness of this engine, we replaced it with a formally verified one. It was absolutely critical that users were not impacted by the change. Over a period of months and over quadrillion tests, we gathered data on the impact, and deployed the new verified engine. And then what happens? Come to the talk to find out.
Fri 25 OctDisplayed time zone: Pacific Time (US & Canada) change
09:00 - 10:30 | |||
09:00 90mKeynote | Trillions of Formally Verified Authorizations a day! Keynotes Neha Rungta Amazon Web Services | ||
Bio - Neha Rungta is a Director of Science in AWS. Neha is a world-renowned expert in developing and applying automated reasoning techniques to industrial systems. Neha’s work in AWS has broken new ground in the scale of automated reasoning applications. She has launched security services such as Amazon S3 Block Public Access, IAM Access Analyzer, and now, the Cedar language and Amazon Verified Permissions. Before AWS, Neha was a Research Scientist at NASA Ames Research Center where she verified the correctness of unmanned space systems and conflict detection algorithms used in commercial aircraft.
