Lesson 16 of 107

System Design: Building an Authorization Service

Design a production authorization service with RBAC, ABAC, policy evaluation, relationship-based permissions, caching, audit logs, consistency tradeoffs, and safe rollout patterns.


Security Basics (Auth, Encryption)

Mental Model

Connecting isolated components into a resilient, scalable, and observable distributed web.

Security in a distributed system rests on two pillars: Authentication (AuthN), which answers "Who are you?", and Authorization (AuthZ), which answers "What are you allowed to do?"

1. Authentication (AuthN)

```mermaid
graph TD
    App[Application Server] -->|Read Request| Cache[(Redis Cache)]
    Cache -- Cache Miss --> DB[(Primary Database)]
    DB -- Return Data --> App
    App -- Write Data --> Cache
```

  • SSO/OAuth2: Standard for cross-service authentication.
  • JWT (JSON Web Tokens): Stateless authentication. The token contains claims signed by the server.
  • mTLS: Mutual TLS. Ensures both the client and server are who they say they are. (Used between microservices).

2. Authorization (AuthZ)

  • RBAC (Role-Based Access Control): Permissions assigned to roles (e.g., Admin, User).
  • ABAC (Attribute-Based Access Control): Permissions based on attributes (e.g., User is in Region X and it is after 9 AM).
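The two models above are usually combined: RBAC decides whether a role grants a permission at all, and ABAC adds attribute conditions on top. The evaluator below is an added example (not code from the lesson) that does exactly that with the lesson's own condition, "user is in Region X and it is after 9 AM", using constructed role and policy tables and denying by default.

```python
from dataclasses import dataclass
from datetime import time

# RBAC: role -> permissions it grants. Constructed sample data, not a real system.
ROLE_PERMISSIONS = {
    "admin": frozenset({"report:read", "report:write", "user:delete"}),
    "user": frozenset({"report:read"}),
}
# ABAC: permission -> attribute conditions that must also hold (constructed).
# Mirrors the lesson's example: subject is in Region X and it is after 9 AM.
ABAC_CONDITIONS = {
    "report:write": {"region": "X", "not_before": time(9, 0)},
}

@dataclass(frozen=True)
class Subject:
    user_id: str
    roles: frozenset  # roles granted to the subject (RBAC input)
    region: str       # attribute of the subject (ABAC input)

@dataclass(frozen=True)
class Context:
    now: time         # local time of the request (ABAC input)

def context_at(hour: int, minute: int = 0) -> Context:
    """Build a request context for a given local time of day."""
    return Context(now=time(hour, minute))

def rbac_allows(subject: Subject, permission: str) -> bool:
    """True if any role held by the subject grants the permission."""
    return any(permission in ROLE_PERMISSIONS.get(r, frozenset()) for r in subject.roles)

def abac_allows(subject: Subject, ctx: Context, permission: str) -> bool:
    """True if every attribute condition attached to the permission holds.
    Permissions with no conditions pass; an unrecognised condition fails closed."""
    for key, expected in ABAC_CONDITIONS.get(permission, {}).items():
        if key == "region":
            if subject.region != expected:
                return False
        elif key == "not_before":
            if ctx.now < expected:
                return False
        else:
            return False  # unknown condition key: deny rather than guess
    return True

def authorize(subject: Subject, permission: str, ctx: Context) -> bool:
    """Deny by default: allow only when RBAC and ABAC both allow the request."""
    return rbac_allows(subject, permission) and abac_allows(subject, ctx, permission)
```

An unknown role, an unknown permission or an unrecognised condition all evaluate to a denial, which is the behaviour an audit log should be able to explain for every rejected request.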

3. Data Encryption

  • At Rest: Encryption of stored data on disk, with keys managed by a key management service (e.g., AWS KMS).
  • In Transit: Encryption over the wire (HTTPS/TLS).

Final Takeaway

Security is a Layered Approach (Defense in Depth). Never trust the internal network.

Technical Trade-offs: Database Choice

| Model | Consistency | Latency | Complexity | Best Use Case |
|---|---|---|---|---|
| Relational (ACID) | Strong | High | Medium | Financial ledgers, transactions |
| NoSQL (Wide-Column) | Eventual | Low | High | Large-scale analytics, high write load |
| In-Memory | Variable | Ultra-low | Low | Caching, real-time sessions |

Key Takeaways

  • SSO/OAuth2: Standard for cross-service authentication.
  • JWT (JSON Web Tokens): Stateless authentication. The token contains claims signed by the server.
  • mTLS: Mutual TLS. Ensures both the client and server are who they say they are. (Used between microservices).

Production Readiness Checklist

Before deploying this architecture to a production environment, ensure the following Staff-level criteria are met:

  • High Availability: Have we eliminated single points of failure across all layers?
  • Observability: Are we exporting structured JSON logs, custom Prometheus metrics, and OpenTelemetry traces?
  • Circuit Breaking: Do all synchronous service-to-service calls have timeouts and fallbacks (e.g., via Resilience4j)?
  • Idempotency: Can our APIs handle retries safely without causing duplicate side effects?
  • Backpressure: Does the system gracefully degrade or return HTTP 429 when resources are saturated?
