Florian Jacob
Florian Jacob started to pursue his Ph.D. on the scientific foundations of Matrix at the Karlsruhe Institute of Technology in 2019, and has since worked there as a scientific staff member in the Decentralized Systems and Network Services research group. His research interests are the security and resilience of decentralized communication and collaboration systems like Matrix, specifically in formalizing and verifying the properties of event authorization and dissemination in the systems' replicated data structures.
Session
Access control is the core of any system's security, but usually provided by a single, centralized server. However, access control in a Matrix room is decentralized: every participating server independently decides who is authorized to send and receive which events, without consulting any other server. To the surprise of many, these decisions are still eventually consistent even if all but one server is malicious, but seeing why requires a new way of thinking about access control. I will explain the necessary design patterns from decentralized systems science, and show how they can be weaved together for a practical explanation of what Matrix is, and why Matrix can reach its astonishing levels of security and resilience.