Tagged articles
265 articles
James' Growth Diary
May 19, 2026 · Information Security

Securing AI Tool Calls with PermissionGate and BashSandbox: A Deep Dive

The article analyzes the security challenges of AI coding assistants that can read files, run shell commands, and call external APIs, and presents a layered defense architecture—PermissionGate for tool‑level gating and BashSandbox for command‑level filtering—detailing design principles, risk classifications, user‑authorization flows, and prompt‑injection detection.

AI security · BashSandbox · PermissionGate
0 likes · 28 min read
ITPUB
Mar 30, 2026 · Information Security

Essential Network Security FAQ: 100+ Key Concepts Explained

This comprehensive guide defines network security, outlines its core attributes, enumerates common threats and attack types, and provides practical mitigation strategies, covering everything from encryption basics and access controls to advanced topics like zero‑day vulnerabilities, zero‑trust architecture, and security automation.

Threats · access control · cybersecurity
0 likes · 44 min read
AI Waka
Mar 25, 2026 · Information Security

Why Enterprise AI Agents Pose Security Risks and How to Govern Them

The article examines the hidden governance gap of powerful enterprise AI agents, shares real‑world failures from the OpenClaw platform, and proposes a practical AAAA (Access, Authority, Audit, Abort) framework to safely deploy autonomous assistants in production environments.

AI agents · OpenClaw · access control
0 likes · 13 min read
ITPUB
Mar 23, 2026 · Information Security

Essential Network Security Q&A: From Fundamentals to Advanced Threats

This comprehensive guide answers 100 common network security questions, covering basic concepts, core properties, threat sources, attack types, encryption methods, access controls, incident response, and emerging technologies such as zero‑trust, quantum encryption, and SOAR.

Threats · Vulnerability · access control
0 likes · 44 min read
IT Services Circle
Feb 26, 2026 · Interview Experience

Master C++ friend: 5 Levels of Usage Every Interview Candidate Should Know

This article walks through the five practical levels of using C++ friend— from a quick syntax recap to operator overloads, factory functions, iterator access, swap idiom, and the Passkey pattern—explaining when and why each scenario warrants a friend declaration and how it impacts encapsulation and interview performance.

C · Design Patterns · access control
0 likes · 14 min read
Aikesheng Open Source Community
Jan 13, 2026 · Databases

Enforcing Client IP‑Based Access Control in MySQL InnoDB Cluster via Router

This article explains how to overcome MySQL InnoDB Cluster’s IP‑address loss and lack of Proxy Protocol by injecting real client IPs through MySQL Router connection attributes, configuring init_connect, creating a monitoring database and stored procedure, and testing access control for specific user‑IP ranges.

Database Security · InnoDB Cluster · Router
0 likes · 8 min read
ITPUB
Jan 10, 2026 · Information Security

How Oracle Secures Databases: Deep‑Defense Strategies and Domestic DB Comparison

This article examines the multi‑layered threats facing modern databases, outlines Oracle's comprehensive security capabilities—from firewalls and encryption to auditing and immutable tables—and compares them with the security features of leading domestic database products.

Database Security · Oracle · access control
0 likes · 27 min read
DevOps Coach
Jan 8, 2026 · Information Security

Why VPNs Are Obsolete: 12 Top Zero‑Trust Tools to Secure Your Network

This article explains why traditional VPNs are increasingly insecure, outlines the core principles of zero‑trust security, reviews twelve leading zero‑trust solutions with features, real‑world red‑team examples and quick‑setup commands, and provides a step‑by‑step migration guide from VPN to zero‑trust.

Red Team · VPN replacement · Zero Trust
0 likes · 21 min read
Architect Chen
Jan 8, 2026 · Information Security

How Single Sign-On (SSO) Simplifies Access Across Multiple Apps

Single Sign-On (SSO) lets users authenticate once and automatically gain access to all trusted applications, eliminating repeated logins and streamlining user experience across heterogeneous systems such as e‑commerce, payment, and collaboration platforms.

Authentication · CAS · SSO
0 likes · 5 min read
Java Architect Handbook
Dec 26, 2025 · Information Security

Mastering Permission Management: From Basic RBAC to Advanced Role‑Inheritance Models

This article explains why fine‑grained permission management is essential for data security, walks through classic RBAC, role‑inheritance (RBAC1), constrained RBAC (RBAC2), user groups, organization‑based and position‑based roles, and presents both standard and ideal database schemas for implementing these models.

Constraint Modeling · RBAC · Role Inheritance
0 likes · 18 min read
Tencent Cloud Developer
Dec 24, 2025 · Backend Development

How IMA Scaled Its AI Knowledge Base from Monolith to Micro‑services

This article walks through the end‑to‑end design of IMA's AI‑driven knowledge base, covering its definition, core business flow, architecture evolution, data ingestion pipelines, management challenges, asynchronous processing, permission modeling, and the business value demonstrated by the prototype.

AI Architecture · Data Consistency · Knowledge Base
0 likes · 14 min read
Top Architect
Dec 13, 2025 · Information Security

Why Many Developers Avoid Using JWT: Risks and Drawbacks Explained

This article introduces JSON Web Tokens (JWT), explains how they work in authentication flows, and examines their major drawbacks such as token size overhead, redundant signatures, revocation challenges, stale data risks, and lack of encryption, concluding that JWTs are suited for short‑lived claims but not for long‑term session management.

JWT · Token · Web Development
0 likes · 11 min read
Aikesheng Open Source Community
Dec 7, 2025 · Information Security

How to Secure AI Vector Embeddings in MySQL: Risks and Best Practices

AI applications rely on vector embeddings for search and recommendation, but these rich vectors expose new security and privacy threats; this article explains the main risks, attack methods, and mature MySQL strategies—including secure storage, access control, encryption, auditing, and compliance—to protect vector data.

AI security · Data Protection · access control
0 likes · 12 min read
IT Services Circle
Nov 25, 2025 · Information Security

Designing a Scalable Three‑Tier Permission Model: Functional, Data, and Approval

This article examines the evolution of digital permission architectures, explains why traditional RBAC falls short for multi‑dimensional data control, and compares four concrete data‑permission implementations before presenting a hybrid solution that avoids role explosion while delivering precise, module‑level data access.

Data Permission · RBAC · Software Architecture
0 likes · 10 min read
Top Architect
Nov 17, 2025 · Information Security

Mastering Permission Management: From Basic RBAC to Advanced Role‑Inheritance Models

This article explains why strict permission management is essential for data security, walks through the evolution of access‑control models—from simple user‑permission tables to classic RBAC, RBAC1, RBAC2, role inheritance, constraints, user groups, organizational mapping, and finally presents ideal database schemas for scalable, maintainable permission systems.

Backend Security · RBAC · Role Inheritance
0 likes · 18 min read
Su San Talks Tech
Nov 13, 2025 · Information Security

Designing Scalable Permission Systems: From Basic RBAC to Advanced Role Hierarchies

This article explains why permission management is essential, outlines basic and advanced permission models—including RBAC, role inheritance, constraints, user groups, organizations, and positions—and provides detailed table designs for both standard and ideal RBAC implementations, helping developers build scalable, secure access control systems.

Database design · Permission Design · RBAC
0 likes · 18 min read
IT Architects Alliance
Oct 10, 2025 · Information Security

How to Secure Distributed Permissions: Zero Trust Strategies & Code

This article examines the exponential growth of permission complexity in micro‑service architectures, outlines zero‑trust design principles, and provides concrete Java and YAML implementations for fine‑grained, context‑aware access control, caching, dynamic evaluation, and audit monitoring.

Distributed Systems · Security · Zero Trust
0 likes · 11 min read
Open Source Linux
Oct 10, 2025 · Information Security

How Can Companies Prevent Employees from Leaking Source Code? Strategies and Realities

The article explores how companies can safeguard source code from employee leaks, discussing strategies ranging from generous compensation and strict permission controls to advanced sandbox and virtualization solutions, while also weighing the true commercial value of proprietary code and the cost‑benefit of heavy security measures.

Virtualization · access control · information security
0 likes · 5 min read
Liangxu Linux
Oct 1, 2025 · Information Security

How Can Companies Prevent Employees from Leaking Source Code? Practical Strategies

This article compiles several expert answers on protecting corporate source code from employee leakage, covering monetary incentives, permission segmentation, strict auditing, sandbox/virtualization solutions, cost‑benefit considerations, and why most internal code may not be worth heavy protection.

Virtualization · access control · audit
0 likes · 6 min read
Java Tech Enthusiast
Sep 26, 2025 · Information Security

How a Fired Engineer Crippled Eaton's Global Systems with Malicious Java Code

A senior Java developer at Eaton Corporation sabotaged the company's global production system with malicious code before his dismissal, causing a massive outage, data loss, and a four‑year prison sentence, highlighting the severe risk of insider threats and the need for robust access controls and monitoring.

Java · access control · cybersecurity
0 likes · 7 min read
IT Services Circle
Sep 4, 2025 · Information Security

How a 55‑Year‑Old Engineer Sabotaged Eaton’s Global Network – Key InfoSec Lessons

A senior programmer at Eaton, fearing layoff, secretly embedded Java malware that created endless threads and a kill‑switch, causing a worldwide outage and costing tens of thousands of dollars, ultimately leading to a four‑year prison sentence and highlighting the critical risk of insider threats.

access control · cybersecurity · insider threat
0 likes · 7 min read
Java Web Project
Sep 1, 2025 · Information Security

Why the Word “User” Is Killing Your Software Security and Design

The article argues that the vague term “user” misleads software design, illustrates the problem with airline reservation, Unix, and SaaS examples, shows how it creates security flaws like the Confused Deputy issue, and urges precise terminology early in projects to avoid costly rework.

SaaS · Security · Terminology
0 likes · 8 min read
Open Source Tech Hub
Aug 24, 2025 · Information Security

Mastering PHP-Casbin: A Lightweight, Cross‑Framework Permission Solution

PHP‑Casbin is an open‑source, lightweight permission framework for PHP that separates policy from model, supports multiple access‑control models (ACL, RBAC, ABAC, etc.), integrates with popular frameworks via Composer, offers dynamic policy management, caching, and multi‑tenant capabilities, solving common permission pitfalls in SaaS, e‑commerce, and government systems.

ABAC · Casbin · PHP
0 likes · 12 min read
Top Architect
Aug 21, 2025 · Backend Development

Build a Dynamic IP Blacklist with Nginx, Lua, and Redis

This guide explains how to create a dynamic IP blacklist that blocks malicious or abusive requests by configuring Nginx with Lua scripts and Redis, covering requirements, environment setup, design options, nginx.conf changes, Lua implementation, and the benefits of this lightweight, distributed solution.

Backend · access control
0 likes · 11 min read
php Courses
Aug 21, 2025 · Fundamentals

When and How to Use C++ Friend Functions and Classes Effectively

Friend functions and friend classes in C++ provide controlled access to private and protected members, useful for operator overloading, tightly coupled classes, and global utilities, but must be used judiciously due to their asymmetry, non‑transitivity, and potential to break encapsulation; this guide explains concepts, syntax, examples, and best practices.

C · Encapsulation · access control
0 likes · 9 min read
Open Source Tech Hub
Aug 20, 2025 · Backend Development

Build a High‑Performance RBAC System in Webman with Casbin and ThinkORM

This guide walks PHP developers through designing a relational database schema and implementing a role‑based access control (RBAC) system in the Webman framework by integrating Casbin for policy enforcement and ThinkORM for elegant ORM handling, complete with configuration, model definitions, and middleware.

Backend · Casbin · PHP
0 likes · 13 min read
Open Source Tech Hub
Aug 5, 2025 · Information Security

Mastering Fine-Grained Access Control in PHP with Casbin

This article explains how PHP‑Casbin implements the PERM model to provide flexible, lightweight, and multi‑model access control for PHP applications, covering its architecture, supported ACL/RBAC/ABAC models, configuration syntax, cross‑language ecosystem, storage options, framework integrations, and practical use cases.

Authorization · Backend · Casbin
0 likes · 6 min read
Liangxu Linux
Aug 3, 2025 · Information Security

Why Calling Everyone a “User” Undermines Security and Design

The article explains how the vague term “user” leads to flawed requirements, security vulnerabilities such as the Confused Deputy problem, and costly redesigns, urging developers to adopt precise terminology like “traveler”, “agent”, or “member” early in a project.

Terminology · access control · software design
0 likes · 7 min read
Code Ape Tech Column
Jul 22, 2025 · Information Security

Mastering Access Control: From ACL to RBAC and Beyond

This article explains the fundamentals and practical applications of major permission models—including ACL, DAC, MAC, ABAC, and RBAC—detailing their principles, examples, advantages, drawbacks, and how to implement them effectively in real-world systems.

Authorization · RBAC · access control
0 likes · 15 min read
Architect's Guide
Jul 18, 2025 · Information Security

Why Permission Management Matters: Designing Effective RBAC Models

This article explains why strict permission management is essential for data security, outlines various permission models—from basic data‑view and edit rights to hierarchical RBAC, RBAC1, RBAC2, role inheritance, constraints, user groups, organizations and positions—and provides guidance on designing ideal database tables for robust access control.

RBAC · Role Inheritance · access control
0 likes · 18 min read
IT Architects Alliance
Jun 25, 2025 · Information Security

Why Effective Permission Management Matters and How to Build Scalable RBAC Models

This article explains why strict permission management is essential for data security, outlines various permission models—including basic RBAC, role inheritance, and constrained RBAC—and provides practical guidance on designing tables, roles, groups, and organizational structures for scalable access control.

RBAC · Role Inheritance · access control
0 likes · 16 min read
Architecture and Beyond
Jun 21, 2025 · Information Security

How Permission Control Can Make or Break Your SaaS Product (Design Tips)

Permission control is a critical, often overlooked component of SaaS products; this article explains why it matters, outlines core concepts, compares ACL, RBAC, and ABAC models, discusses SaaS-specific challenges like multi‑tenant isolation, and offers practical design, implementation, and performance‑optimization guidelines.

Permissions · RBAC · SaaS
0 likes · 21 min read
Architect's Must-Have
Jun 17, 2025 · Information Security

Designing Scalable Permission Systems: From Basic RBAC to Advanced Models

This article explains why permission management is essential, outlines various permission models—including basic RBAC, role inheritance, constrained RBAC, and their extensions with user groups, organizations, and positions—and provides practical table designs for implementing a robust access‑control system.

Permission Design · RBAC · Role Inheritance
0 likes · 18 min read
Su San Talks Tech
Jun 17, 2025 · Backend Development

Mastering Data Permission Architectures: Four Practical Models for Scalable Systems

This article examines the evolution of permission frameworks in digital systems, explains functional, data, and approval permissions, and compares four concrete data‑permission implementations, highlighting their trade‑offs and presenting a refined model that balances role management with fine‑grained data access.

Backend Architecture · Data Permission · RBAC
0 likes · 10 min read
MaGe Linux Operations
May 31, 2025 · Information Security

Master JumpServer: Complete Guide to Installing, Configuring, and Using a Bastion Host

This comprehensive guide explains what a bastion host is, why it’s needed, its core functions, and provides step‑by‑step instructions for downloading, installing, configuring, and operating JumpServer—including user and asset management, command filtering, audit tools, and email integration—so you can secure privileged access and simplify operations.

Bastion Host · Installation · JumpServer
0 likes · 13 min read
Huolala Safety Emergency Response Center
Apr 14, 2025 · Information Security

How a Key Gateway Secures Third‑Party API Calls and Prevents Key Leaks

This article analyzes the security risks of exposing third‑party service keys in modern applications, examines traditional and ideal key‑management approaches, and presents a detailed design of a Key Gateway that centralizes signing, encryption, token handling, multi‑tenant support, and robust exception management to protect sensitive credentials.

API Security · access control · encryption
0 likes · 17 min read
Code Ape Tech Column
Apr 14, 2025 · Information Security

Understanding Common Access Control Models: ACL, DAC, MAC, ABAC, and RBAC

This article explains the five mainstream access control models—ACL, DAC, MAC, ABAC, and RBAC—detailing their principles, examples, advantages, drawbacks, and practical extensions such as role hierarchies, constraints, and real‑world system design considerations for user, role, and permission management.

ACL · Authorization · Permissions
0 likes · 18 min read
Top Architect
Feb 15, 2025 · Information Security

Designing Secure Third‑Party API Authentication with AK/SK, Signatures and Token Mechanisms

The article presents a comprehensive design for securing third‑party API calls by generating unique Access Key/Secret Key pairs, defining permission scopes, implementing signature generation and verification, employing timestamps and nonces to prevent replay attacks, and outlining practical API endpoint specifications and response standards.

Java · access control
0 likes · 33 min read
MaGe Linux Operations
Feb 14, 2025 · Information Security

How to Harden Nginx: Essential Security Practices for Safer Web Servers

This guide provides a comprehensive, step‑by‑step hardening roadmap for Nginx, covering version hiding, directory protection, HTTPS enablement, custom error pages, CSP, file permissions, security headers, connection limits, IP whitelisting, SSL optimization, secure file uploads, common attack mitigations, logging best practices, and additional hardening measures to protect web services from a wide range of threats.

CSP · HTTPS · NGINX
0 likes · 31 min read
Architecture Digest
Jan 22, 2025 · Information Security

Design and Evolution of Permission Management Models (RBAC)

This article explains why permission management is essential, describes various permission models from basic data‑view and edit rights to hierarchical menu and button controls, introduces role‑based access control (RBAC) and its extensions such as role inheritance, constraints, user groups, organizations and positions, and finally presents ideal RBAC table designs for large‑scale systems.

Authorization · RBAC · Role-Based Access
0 likes · 14 min read
Selected Java Interview Questions
Nov 27, 2024 · Backend Development

Designing a Flexible Permission Control System with Java Annotations and Spring AOP

This article explains how to build a scalable, maintainable permission control framework in Java by defining custom annotations, designing relational database tables, and using Spring AOP to intercept method calls for organization‑level, personal, limit, and special‑role checks, while providing implementation details and best‑practice recommendations.

Backend · Java · access control
0 likes · 21 min read
Efficient Ops
Nov 13, 2024 · Information Security

How Leading Companies Stop Insider Data Theft: Real Ops & Security Practices

This article compiles practical insights from Zhihu discussions and real‑world experience on preventing insider spying and tampering with databases, covering least‑privilege policies, mutual supervision, strict access controls, audit mechanisms, and cultural factors that shape effective information security operations.

Database Security · access control · audit
0 likes · 11 min read
Programmer DD
Nov 13, 2024 · Information Security

How I Stopped a Sudden CDN Traffic Surge with Quick Security Tweaks

After receiving unexpected CDN usage alerts, I investigated the spike, identified a malicious IP, and applied access‑control blacklists, anti‑leech settings, UA blocking, and usage‑cap limits, which instantly reduced bandwidth and traffic, illustrating effective CDN security measures.

CDN · access control · anti-leech
0 likes · 5 min read
Data Thinking Notes
Oct 14, 2024 · Information Security

12 Critical Data Security Risks Every Enterprise Must Address

From data lifecycle vulnerabilities to inadequate audit coverage, API misconfigurations, weak privileged access, and insufficient encryption, this article outlines twelve common data security risks and their real‑world impacts, helping organizations identify and remediate gaps before breaches occur.

access control · audit · data security
0 likes · 21 min read
Architect
Oct 12, 2024 · Information Security

Understanding ACL, ABAC, and RBAC: Choosing the Right Access Control Model

This article introduces three common permission models—ACL, ABAC, and RBAC—explaining their core concepts, how they manage user access through objects, attributes, or roles, and discusses the strengths and limitations of each approach for secure system design.

ABAC · ACL · Authorization
0 likes · 8 min read
Open Source Tech Hub
Oct 1, 2024 · Backend Development

Build a Distributed Casbin Watcher with Workerman Redis in PHP

This guide explains how to implement a Casbin Watcher for distributed policy synchronization using Workerman's asynchronous Redis client in PHP, covering the underlying principles, required interfaces, code implementation, and a complete usage example with publish‑subscribe messaging.

Casbin · Distributed Systems · PHP
0 likes · 7 min read
Selected Java Interview Questions
Sep 26, 2024 · Information Security

Understanding JWT Token Security: Threats and Mitigation Strategies

This article explains the fundamentals of JSON Web Tokens (JWT), compares token‑based authentication with traditional session authentication, outlines common security threats such as theft, replay, and forgery, and presents practical measures—including HTTPS, encryption, secure storage, short lifetimes, two‑factor authentication, and safe token refresh—to protect token integrity in modern web applications.

Authentication · JWT · Web Security
0 likes · 14 min read
php Courses
Aug 27, 2024 · Backend Development

Laravel Policy-Based Authorization: Creation, Registration, and Usage Guide

This article explains how Laravel's policy-based authorization works, covering policy creation, registration, usage in controllers and Blade, custom methods, response handling, guest user support, and testing, with full code examples for implementing secure and maintainable access control.

Authorization · Gate · Laravel
0 likes · 5 min read
Top Architect
Aug 25, 2024 · Information Security

RBAC Permission Analysis and Spring Security Integration with JWT

This article explains the concepts of role‑based access control (RBAC), compares RBAC models, shows how to configure permissions and user groups, and provides step‑by‑step code examples for integrating Spring Security with JWT, JSON login, password encryption and database authentication in Java backend applications.

Backend Development · JWT · Java
0 likes · 20 min read
21CTO
Aug 23, 2024 · Information Security

Why Do Companies Fail at Data Security? Common Pitfalls and Solutions

This article examines why many enterprises repeatedly suffer data breaches, highlighting common security flaws such as manual permission management, account sharing, lack of least‑privilege, insufficient environment isolation, weak audit logging, and offers practical recommendations to strengthen information security.

Audit logging · Zero Trust · access control
0 likes · 14 min read
Top Architect
Aug 13, 2024 · Information Security

Understanding Permission Management and RBAC Models

This article explains why permission management is essential for data security, describes various permission models including standard RBAC, role inheritance, constraints, user groups, organizations, and positions, and provides detailed database table designs for implementing an ideal RBAC system in complex enterprises.

RBAC · Role Inheritance · Security Model
0 likes · 20 min read
Top Architect
Jul 30, 2024 · Information Security

Understanding RBAC and Implementing Spring Security with JWT in Java

This article explains the concepts and models of Role‑Based Access Control (RBAC), demonstrates how to configure Spring Security for in‑memory and JWT‑based authentication, and provides complete Java code examples for permissions, user groups, password encryption, and custom login filters.

Authentication · JWT · Java
0 likes · 18 min read
Software Development Quality
Jul 20, 2024 · R&D Management

How to Build an Effective R&D Documentation Management System

This guideline outlines a comprehensive R&D documentation management framework covering classification, naming conventions, version control, storage, backup, access permissions, content standards, update procedures, and rigorous review and publishing processes to enhance transparency, efficiency, quality, and data security in development projects.

R&D management · Version Control · access control
0 likes · 6 min read
macrozheng
Jul 4, 2024 · Information Security

Mastering Access Control: 5 Core Permission Models and Practical RBAC Design

This article explains the fundamentals of access control by reviewing five major permission models—ACL, DAC, MAC, ABAC, and RBAC—then dives into RBAC extensions and practical guidelines for designing user, role, and permission management in real‑world systems, covering menu, operation, and data-level controls.

Authorization · RBAC · Security Architecture
0 likes · 15 min read
Liangxu Linux
Jun 29, 2024 · Information Security

How to Block SSH Logins for Specific Users, Groups, and IPs on Linux

This guide explains multiple Linux techniques—including nologin shells, sshd_config allow/deny lists, and hosts.allow/hosts.deny rules—to prevent selected users, groups, or IP addresses from logging in via SSH, with practical commands, examples, and a ready‑to‑run script.

Linux · SSH · Security
0 likes · 11 min read
Top Architect
Jun 12, 2024 · Information Security

Understanding RBAC and Implementing Spring Security with JWT

This article explains the fundamentals of Role‑Based Access Control (RBAC), its model classifications, permission concepts, and user‑group usage, then demonstrates how to implement RBAC in a Spring Security application, including in‑memory authentication, JWT integration, JSON login, and password encryption techniques.

Authentication · JWT · Java
0 likes · 17 min read
Su San Talks Tech
Jun 3, 2024 · Information Security

Mastering Access Control: 5 Core Permission Models Explained

This article introduces the five mainstream access‑control models—ACL, DAC, MAC, ABAC, and RBAC—explaining their principles, real‑world examples, drawbacks, and how RBAC can be extended and applied in practical user, role, and permission management systems.

Authorization · RBAC · Security
0 likes · 14 min read
DataFunTalk
May 19, 2024 · Big Data

Tencent's Multi-Engine Unified Metadata and Permission Management for Big Data

This article introduces Tencent's Big Data Processing Suite (TBDS), discusses challenges of data silos, and presents Gravitino's open‑source unified metadata service and permission model, detailing how it integrates Hadoop, MPP, and various catalog plugins to provide consistent access control across heterogeneous data platforms.

Big Data · Gravitino · Hadoop
0 likes · 12 min read
Architect's Guide
May 19, 2024 · Information Security

RBAC Permission Analysis and Spring Security Integration with JWT

This article explains the fundamentals of role‑based access control (RBAC), its model variants, and user‑group usage, then demonstrates how to configure Spring Security with in‑memory authentication, integrate JWT for stateless token‑based authentication, customize JSON login, and securely encrypt passwords using BCrypt.

Authentication · Backend · JWT
0 likes · 15 min read
Open Source Linux
May 13, 2024 · Information Security

What Is a Bastion Host and Why It’s Critical for Secure Operations

This article explains what a bastion host (jump server) is, why it evolved from traditional jump servers, its core 4A design (authentication, authorization, account, audit), deployment options, common features, authentication methods, and how open‑source and commercial solutions differ, helping organizations improve security and compliance.

Authentication · Bastion Host · Operations
0 likes · 10 min read
Architects Research Society
May 6, 2024 · Information Security

Hierarchical Security Model: Manager and Position Hierarchies in Microsoft Dataverse

This article explains how the hierarchical security model in Microsoft Dataverse extends existing security mechanisms by introducing manager and position hierarchies, details their configuration, access rules, performance tips, and how to include or exclude records of disabled users.

Microsoft Dataverse · access control · hierarchical security
0 likes · 14 min read
Architect's Guide
May 6, 2024 · Information Security

Designing Permission Management and RBAC Models

This article explains why permission management is essential for data security, describes various permission models including basic RBAC, role inheritance, constrained RBAC, and how to combine them with user groups, organizations, and positions, and provides database table designs for both standard and ideal RBAC implementations.

Database design · RBAC · Role Inheritance
0 likes · 15 min read
Alibaba Cloud Native
Apr 19, 2024 · Information Security

Securing Nacos with Zero‑Trust: TLS, Encryption, and Access Control

This article explains how to protect Nacos configuration data by applying zero‑trust principles, covering transport encryption with TLS, storage encryption using plugins, and fine‑grained access control through authentication and RBAC, while providing practical configuration steps.

Configuration Security · Nacos · RBAC
0 likes · 18 min read
Alibaba Cloud Native
Apr 18, 2024 · Cloud Native

What’s New in RocketMQ ACL 2.0? A Deep Dive into Features, Architecture, and Configuration

This article explains the motivations behind RocketMQ ACL 2.0, outlines its six major enhancements—including fine‑grained API permissions, flexible matching modes, and cluster‑wide access control—details the RBAC/ABAC model, authentication and authorization workflows, configuration examples, command‑line usage, and migration strategies, and discusses future planning for the access control system.

ACL · Authentication · Authorization
0 likes · 24 min read
Selected Java Interview Questions
Apr 2, 2024 · Information Security

Understanding Permission Management and RBAC Models

This article explains why permission management is essential for data security, describes various permission models including classic RBAC, role inheritance, constrained RBAC, and discusses practical extensions such as user groups, organizations, positions, and provides database schema designs for both standard and ideal RBAC implementations.

Authorization · RBAC · Role-Based Access Control
0 likes · 19 min read
Architect
Mar 20, 2024 · Information Security

RBAC Permission Analysis and Spring Security JWT Integration Tutorial

This tutorial explains RBAC concepts and model classifications, demonstrates permission and user‑group management, and provides step‑by‑step guidance for implementing Spring Security with in‑memory authentication, JWT integration, JSON login, password encryption, and database authentication using Java code examples.

JWT · Java · Password Encryption
0 likes · 18 min read
Aikesheng Open Source Community
Mar 19, 2024 · Information Security

Risks of Granting MySQL Authentication Table Permissions and How to Mitigate Them

The article explains how granting ordinary MySQL users full access to authentication tables can lead to severe privilege‑escalation risks, demonstrates the issue with concrete scenarios, and provides mitigation strategies including the use of MySQL 8.0 partial revokes and the principle of least privilege.

Partial Revokes · access control · information security
0 likes · 9 min read
Top Architect
Mar 12, 2024 · Information Security

Why Permission Management Is Needed and How to Design RBAC Models

The article explains the necessity of strict permission management in enterprises, introduces various permission models such as basic RBAC, role‑inheritance RBAC and constrained RBAC, and provides detailed table designs and best‑practice recommendations for implementing scalable and secure access control systems.

RBAC · Role-Based Access Control · access control
0 likes · 22 min read
政采云技术
Jan 23, 2024 · Big Data

Design and Implementation of a Big Data Permission Management System

This article outlines the background, importance, scenarios, challenges, objectives, and architectural design—including RBAC and ABAC models, metadata integration, data classification, and verification mechanisms—of a comprehensive big data permission management system for secure and fine‑grained data access.

ABAC · Big Data · RBAC
0 likes · 14 min read
Architect
Jan 16, 2024 · Information Security

Designing Scalable Permission Models: From Basic RBAC to Advanced Role Inheritance

The article explains why strict permission management is essential, walks through classic RBAC, role inheritance, constraint handling, user groups, organization and position mapping, and presents both standard and ideal database schemas for building maintainable access‑control systems in complex enterprises.

Database design · RBAC · Role Inheritance
0 likes · 19 min read
DeWu Technology
Dec 6, 2023 · Frontend Development

Permission Design for Front-end Monorepo in Large-Scale Development

The article presents a practical permission‑management strategy for a large‑scale front‑end monorepo that merges Git‑hook validation with GitLab’s protected branches and role‑based access, defines a clear directory hierarchy, outlines workflow controls, and explores extensions such as fine‑grained ACLs and file‑access logging to prevent unauthorized file changes.

Code review · GitLab · access control
0 likes · 17 min read
FunTester
Nov 20, 2023 · Information Security

Mastering Bulk API Access Control Testing with Burp Suite Auth Analyzer

This guide explains how to use Burp Suite's Auth Analyzer plugin to efficiently perform bulk API access‑control (broken access control) testing, covering vulnerability types, tool installation, step‑by‑step testing procedures, result analysis, and report export for improved software security.

API testing · Auth Analyzer · Automation
0 likes · 6 min read
政采云技术
Nov 2, 2023 · Information Security

Design and Implementation of a Multi‑System Data Permission Control System

This article describes a unified, configurable data‑permission framework built on RBAC, detailing its architecture, rule definition, integration workflow, Java SDK implementation, and practical examples to achieve flexible, low‑coupling access control across multiple backend systems.

Data Permission · Java · MyBatis
0 likes · 11 min read
Architect
Oct 30, 2023 · Information Security

How DuoLiXiong Built a Scalable Multi‑Platform RBAC Permission System

This article walks through DuoLiXiong’s three‑layer business architecture, identifies the challenges of managing permissions across dozens of platforms, explains the RBAC fundamentals and four model variants, details the concrete database schema and tree‑structured permission design, and explores row‑ and column‑level data permissions with practical examples.

Baidu · Data Permissions · Permission System
0 likes · 18 min read
Architecture Digest
Oct 25, 2023 · Information Security

RBAC Permission Analysis and Spring Security Implementation Guide (including JWT and JSON Login)

This article explains the fundamentals of Role‑Based Access Control (RBAC), its model variants, permission concepts, and user‑group usage, then demonstrates practical Spring Security setups ranging from simple in‑memory authentication to JWT integration, JSON‑based login, password encryption, and database‑backed authentication with full code examples.

Authorization · JWT · Java
0 likes · 18 min read