SecAppDev 2024 lecture details

Introduction to Macaroons

A deep dive into the workings of Macaroons, a novel authorization technique developed by Google. Learn the unique capabilities of this exciting new technology and how it is being deployed by multiple companies to secure the cloud.

Wednesday June 5th, 14:00 - 15:30
Room Lemaire
Download handouts
Abstract

Macaroons are a novel approach to authorization, based on cryptographic tokens that can be attenuated at any time by adding “caveats”. Introduced by a Google research paper in 2014, Macaroons have seen recent adoption by some cloud providers and OAuth2 servers.

In this session, we’ll describe in detail what Macaroons are, how they are implemented, and when they are useful. We will compare and contrast with other well-known standards such as JSON Web Tokens. Finally, we will look at some more recent token formats such as Biscuits that build on Macaroons.

Key takeaway

Learn when to use Macaroons vs other technologies for authentication tokens.

Content level

Introductory

Target audience

Back-end and front-end developers, technical architects, identity professionals.

Prerequisites

Basic knowledge of cryptography, in particular what a MAC is, digital signatures, encryption.

Join us for SecAppDev. You will not regret it!

Neil Madden
Neil Madden

Founder and CEO, Illuminated Security Ltd

Expertise: Application security and applied cryptography

More details

Join us for SecAppDev. You will not regret it!

Related lectures

SecAppDev offers the most in-depth content you will find in a conference setting