Macaroons: More Cookie Than Cookie

Understand a modern, flexible and decentralized way to provide authorization controls on resources and microservices

Google Research has given us Macaroons (no, not the fancy, delicious cookies). Google’s Macaroons are an authorization model with support for contextually controlled caveats and the simplicity of a regular cookie. This allows a fine-grained and flexible approach to delegating privilege to principals in a decentralized way, allowing you to protect resources.

Brian Sletten introduces the underlying principles of Macaroons as he walks you through applying them in practice with nontrivial delegation scenarios, demonstrating how to build systems with strong controls as well as the freedom to transfer privileges to others with more narrow constraints.

The combination of simplicity, flexibility, and sophistication is a rare and desirable goal for modern security controls. Even if you aren’t interested in putting Macaroons in practice in your own work, it is worth diving deeper just to gain exposure to a technology with these properties.

About Brian Sletten

Brian Sletten is a liberal arts-educated software engineer with a focus on forward-leaning technologies. His experience has spanned many industries including retail, banking, online games, defense, finance, hospitality and health care. He has a B.S. in Computer Science from the College of William and Mary and lives in Auburn, CA. He focuses on web architecture, resource-oriented computing, social networking, the Semantic Web, AI/ML, data science, 3D graphics, visualization, scalable systems, security consulting and other technologies of the late 20th and early 21st Centuries. He is also a rabid reader, devoted foodie and has excellent taste in music. If pressed, he might tell you about his International Pop Recording career.

More About Brian »