Nikita Chhatre

This technical talk presents a real-world case study of building a secure, scalable third-party application integration platform within Amazon's Seller Central marketplace. Launched in December 2024, this system enables external developers to embed their applications directly within Amazon's seller-facing interfaces while maintaining strict security boundaries and user experience standards.

The presentation explores three key technical challenges and their solutions: (1) reducing developer integration complexity from 3 months to 2 weeks through SDK design, (2) minimizing authentication friction that caused 30-47% user drop-off by consolidating OAuth flows, and (3) implementing iframe-based security sandboxing that balances isolation with functionality.

Students will learn about distributed systems architecture patterns including token-based authentication, API gateway design, and multi-tenant security models. The talk demonstrates how theoretical computer science concepts—such as OAuth 2.0, Content Security Policies, and microservices architecture—are applied to solve practical engineering problems at scale (564,800+ sellers reached).

Key technical topics include: iframe security architecture, JavaScript SDK design for developer experience, authentication flow optimization, data connector patterns for near-native integration, and metrics-driven product development. The presentation also addresses real-world engineering trade-offs between security and performance, developer flexibility and governance, and time-to-market versus feature completeness.

Target Audience: Students in Computer Science, particularly those studying distributed systems, software engineering, web security, or API design.

Prerequisites: Basic understanding of web technologies (HTTP, REST APIs), authentication concepts, and software architecture patterns.

Learning Outcomes:

• Understand real-world application of OAuth 2.0 and token-based authentication
• Learn iframe security model and Content Security Policy implementation
• Explore SDK design principles for developer experience
• Analyze engineering trade-offs in large-scale platform development
• See how metrics drive iterative product improvement

Biography:

Rashmesh Radhakrishnan

The thundering herd is more than a textbook problem—it’s a silent predator in distributed systems. It waits until scale, timing, and architecture align, then strikes with sudden waves of synchronized demand that can cripple even robust designs.

This talk pulls back the curtain on how the thundering herd sneaks into microservices, operating systems, and especially IoT deployments where periodic patterns amplify its force. We’ll explore real-world behaviors that expose hidden fragilities, and why fixes that look obvious on paper often fail in practice.

Rather than a checklist of remedies, this session offers a way of thinking: how to spot herd dynamics before they stampede, and how to design systems that absorb pressure instead of collapsing under it.

Biography:

Rashmesh Radhakrishnan is a Senior Software Engineer specializing in large-scale secure platforms and device connectivity systems. His work focuses on security-critical onboarding and provisioning architectures that establish device identity, account association, and trust across distributed ecosystems. He has led core security components at Amazon and Apple that support device activation and recovery at global scale. Rashmesh is an inventor on multiple granted U.S. patents in secure device association and provisioning. Based in Seattle since 2015, he remains actively engaged in the region’s technology and research community through IEEE and related initiatives.