Speaker:Michael Hicks

Title: Cedar: A language for expressing fast, safe, and fine-grained authorization policies

Abstract

Cedar is a new open-source authorization policy language developed as the core of AWS's recently released Amazon Verified Permissions (Amazon VP) service. Cedar policies are used to express fine-grained permissions on behalf of applications. Cedar was designed to be ergonomic, fast, safe, and analyzable. Cedar’s simple and intuitive syntax supports common authorization use-cases with easy-to-understand policies. Cedar’s policy structure ensures that access requests can be authorized quickly. Cedar's policy validator leverages optional typing to help policy writers avoid mistakes but not get in their way. Cedar's design has been finely balanced to enable a sound and complete logical encoding, which allows analysts to precisely reason about what policies do, e.g., to ensure that when refactoring a set of policies, the authorized permissions do not change.

Cedar is built using a high-assurance process we call verification-guided development. Its authorization engine and validator are formally modeled in the Dafny programming language. Cedar’s core development team proves safety and security properties about those models in Dafny, and runs millions of automated differential tests to check that the implementations of the Cedar authorization engine and validator, written in Rust, agree with the Dafny models.

The first half of the talk will introduce Cedar, and the second half will focus on verification-guided development, and in particular on the open and interesting challenges we've faced with automated testing.

Learn more about Cedar at https://www.cedarpolicy.com/ (and https://github.com/cedar-policy) and Amazon VP at https://aws.amazon.com/verified-permissions/.

Bio

Mike Hicks is a Senior Principal Scientist at Amazon Web Services, and Professor Emeritus at the University of Maryland. His research explores programming languages and security. He is a Fellow of the Association of Computing Machinery (ACM), Editor-in-Chief of Proceedings of the ACM on Programming Languages, and prior Chair of ACM's Special Interest Group on Programming Languages. He co-leads the development of Cedar, the policy language underpinning the new Amazon Verified Permissions authorization service.