How Airbnb securely manages permissions for our large team of employees, contractors, and call center staff.
Overview
Airbnb's article discusses their centralized access management system designed to enforce the principle of least privilege at scale. The platform improves security, compliance, and usability while allowing employees to manage permissions efficiently across various systems.
What You'll Learn
1
How to implement a centralized access control system for managing permissions
2
Why usage-based expiration enhances security and user experience
3
How to integrate various permission stores with a central access control platform
Key Questions Answered
What is the principle of least privilege and why is it important?
The principle of least privilege dictates that employees should have only the permissions necessary for their job at any given moment. This minimizes risk from malicious actions or mistakes and is increasingly a legal requirement for companies handling sensitive data.
How does Airbnb's access control system improve security?
Airbnb's access control system allows for consistent implementation of least privilege features across all systems, such as usage-based expiration, which automatically revokes unused permissions. This enhances security by reducing unnecessary access and notifying users about upcoming changes.
What architecture does Airbnb use for its access control platform?
Airbnb's access control platform is built on a linear five-stage architecture where each stage communicates with the previous one. This design allows for efficient management of permissions and integration with various permission stores without direct interaction.
What are the benefits of a centralized access control platform?
The centralized access control platform at Airbnb has improved security by enabling consistent compliance changes, enhanced usability by providing a single interface for permission requests, and improved developer experience through easy integration with permission stores.
Key Statistics & Figures
Users with access to System X
Dropped by two thirds
This occurred after implementing usage-based expiration at the end of April.
Technologies & Tools
Some links below are affiliate links. We may earn a commission if you make a purchase.
Backend
AWS IAM
Used as a permission store within the access control architecture.
Backend
Ldap
Serves as an employee data system for managing employee information.
Backend
Apache Ranger
Acts as a permission store that integrates with the access control platform.
Database
Mysql
Utilized as a permission store within the architecture.
Backend
Himeji
Another internal system mentioned as a permission store.
Key Actionable Insights
1Implement a centralized access control system to streamline permission management across your organization.This approach reduces operational overhead and enhances security by ensuring consistent application of least privilege policies across all systems.
2Utilize usage-based expiration for permissions to automatically revoke access that is not actively used.This feature not only improves security by cleaning up unnecessary permissions but also enhances user experience by ensuring that users retain access to the permissions they actively use.
3Ensure that your access control system can integrate with various permission stores without modification.This flexibility allows for easier synchronization of permission changes and reduces the engineering effort required for integration.
Common Pitfalls
1
Failing to centralize access management can lead to operational burdens and security risks.
Without a unified system, managing permissions across multiple platforms can become complex and error-prone, leading to excessive permissions and compliance challenges.
2
Overcomplicating permission management systems can create technical debt.
Prior systems at Airbnb became dumping grounds for one-off authorization code, which complicated maintenance and hindered scalability.
Related Concepts
Access Management
Principle Of Least Privilege
Permission Lifecycle Management
Compliance In Data Privacy