ZTAuth* redefines authentication, authorization, and trusted delegation to address the challenges of disconnected systems in edge and IoT environments. By leveraging transferable, versionable, and resilient models, it aligns with Zero Trust principles while embracing CAP theorem constraints and eventual consistency. PermGuard is actively implementing this architecture to deliver scalable and secure policy-driven solutions for distributed systems.
The Permguard Auth* Provider allows enterprises to specify who or what can access resources by means of fine-grained permissions:
Who: Identities (Users and Actors) authenticated in the application
Can Access: Permissions granted by attaching policies
Resources: Resources targeted by permissions
Developers implement the Permguard Policy Enforcement Point (PEP) using the available SDKs and call the PermGuard Authorization API, sending the principal together with its JWT token, to protect against attacks such as:
Authorization Inference Attack
Excessive Data Exposure
Side-Channel Attack on Authorization
Privilege Escalation
Passing the JWT token in the authorization request to the Policy Decision Point (PDP) avoids sharing that information with the PEP, adding a mechanism for trusted delegation.
The Permguard PDP can run as a "remote service" or a "proximity service"; the latter achieves low network latency by operating on an eventually consistent basis for policies.
In this livestream, we'll discuss PermGuard and why systems like this are causing enterprises to rethink authorization.