Code Room
System designHardsd-g222
Subject Authorization at scaleLevel Senior–Staff~50 minCommon in Security · Databases & SQL interviewsIndustries Technology, Software development

Question

Design a centralized authorization service (Zanzibar-style) for a document collaboration product with 200M documents, deeply nested folders, and group-based sharing where a single 'can user U view doc D?' check may traverse thousands of relationship tuples. Target: p99 check latency under 10ms at 500K checks/sec, and a guarantee that a user who was just removed from a folder cannot still read its children. How do you store relationships, evaluate nested checks fast, and avoid the 'new enemy' problem where stale caches leak access after a revoke?

What a strong answer looks like

Clarify scale and constraints first. Propose a clean component breakdown, then go deep on the hard parts — data model, bottlenecks, consistency, failure modes — and name the trade-offs you are making.

Narrate your design
Loading whiteboard…
Run or narrate your approach, then ask the coach.