BestHub
Sign in
Tagged articles
25 articles
Page 1 of 1
Digital Planet
Digital Planet
Apr 29, 2026 · Backend Development

Why Traditional Code‑Issuing Platforms’ Permission Design Is Doomed to Fail

The article explains how the hard‑coded, role‑bound permission model of traditional code‑issuing platforms collapses when an organization’s structure changes, and shows how a three‑layer decoupled architecture can provide fine‑grained, configurable access that turns the platform into true enterprise infrastructure.

Identity ManagementPermission DesignRole-Based Access Control
0 likes · 12 min read
Why Traditional Code‑Issuing Platforms’ Permission Design Is Doomed to Fail
ByteDance SE Lab
ByteDance SE Lab
Apr 15, 2026 · Information Security

Why Traditional IAM Fails for Agentic AI and How New Identity Frameworks Secure OpenClaw

The rapid rise of autonomous AI agents like OpenClaw exposes severe security gaps—over‑privileged access, unauthenticated public instances, and one‑click RCE—forcing a rethink of identity‑centric IAM designs that can protect agents through propagation, secretless auth, context awareness, and intent‑aware authorization.

AI securityAgentic AIIAM
0 likes · 15 min read
Why Traditional IAM Fails for Agentic AI and How New Identity Frameworks Secure OpenClaw
Architect Chen
Architect Chen
Dec 25, 2025 · Information Security

Understanding Single Sign-On (SSO): Architecture, Components, and Workflow

This article explains the fundamentals of Single Sign-On (SSO), detailing its centralized authentication principle, the roles of CAS Server, CAS Client, and browser, and walks through the complete login flow with diagrams and code snippets for distributed systems.

AuthenticationCASDistributed Systems
0 likes · 4 min read
Understanding Single Sign-On (SSO): Architecture, Components, and Workflow
Lobster Programming
Lobster Programming
Dec 23, 2025 · Information Security

Understanding the Difference Between SSO and OAuth2.0: Authentication vs Authorization

SSO (Single Sign‑On) and OAuth2.0 are both widely used identity frameworks; SSO handles user authentication across multiple applications with a single login, while OAuth2.0 is an authorization protocol that lets users grant third‑party apps limited access to resources without sharing passwords.

AuthenticationAuthorizationIdentity Management
0 likes · 6 min read
Understanding the Difference Between SSO and OAuth2.0: Authentication vs Authorization
Linux Ops Smart Journey
Linux Ops Smart Journey
Oct 28, 2025 · Operations

Enable Keycloak SSO for Nightingale Monitoring with OAuth2/OIDC

This guide walks you through configuring Keycloak as an OAuth2/OIDC identity provider for Nightingale monitoring, covering prerequisites, client and user creation in Keycloak, Nightingale OIDC settings, and verification steps to achieve seamless single sign‑on in enterprise environments.

Identity ManagementKeycloakOAuth2
0 likes · 6 min read
Enable Keycloak SSO for Nightingale Monitoring with OAuth2/OIDC
IT Architects Alliance
IT Architects Alliance
Oct 12, 2025 · Information Security

How to Secure Cross‑Region Access in Cloud Environments with Zero Trust

This article explores the complexities of cross‑region access control in cloud architectures, detailing latency, identity consistency, and policy uniformity challenges, and presents zero‑trust designs, distributed identity storage, multi‑layer encryption, edge policy execution, and monitoring strategies to achieve secure, high‑performance global access.

Identity ManagementPolicy Enginecloud security
0 likes · 12 min read
How to Secure Cross‑Region Access in Cloud Environments with Zero Trust
Architect
Architect
Jul 10, 2024 · Information Security

Evolution and Design of Login Authentication Systems

This article examines the historical evolution of login authentication technologies, from simple cookie‑based methods to token mechanisms, unified account centers, OAuth 2.0, and modern one‑click solutions, while discussing design considerations, security challenges, and future trends such as AI‑driven identity verification.

Identity ManagementOAuthToken
0 likes · 12 min read
Evolution and Design of Login Authentication Systems
Java High-Performance Architecture
Java High-Performance Architecture
May 17, 2024 · Information Security

How MaxKey SSO Delivers Secure, Scalable Single Sign‑On for Enterprises

MaxKey is an enterprise‑grade single sign‑on solution that supports OAuth 2.x, OpenID Connect, SAML 2.0, JWT, CAS and SCIM, offering secure identity management, RBAC, multi‑tenant capabilities, robust password policies, brute‑force protection, session control, and BCrypt‑based password encryption.

AuthenticationIdentity ManagementOAuth
0 likes · 11 min read
How MaxKey SSO Delivers Secure, Scalable Single Sign‑On for Enterprises
Baidu Geek Talk
Baidu Geek Talk
Apr 1, 2024 · Information Security

How Login Authentication Evolved: From Cookies to Tokens and One‑Click Solutions

This article traces the evolution of login authentication—from simple username/password and cookie storage to token‑based, OAuth, and sub‑token architectures—while presenting practical one‑click login methods such as carrier mobile verification, trusted device history, and facial recognition, and it looks ahead to AI‑driven, privacy‑focused identity systems.

Identity ManagementOAuthToken
0 likes · 14 min read
How Login Authentication Evolved: From Cookies to Tokens and One‑Click Solutions
21CTO
21CTO
Dec 28, 2022 · Information Security

Okta’s Private GitHub Repo Breached: Source Code Stolen but Services Remain Safe

Okta disclosed that attackers copied source code from its private GitHub repositories, yet the breach did not affect its services, customer data, or HIPAA, FedRAMP, and DoD customers, and the company took immediate remedial actions to secure its accounts.

GitHub breachIdentity ManagementInformation Security
0 likes · 4 min read
Okta’s Private GitHub Repo Breached: Source Code Stolen but Services Remain Safe
Architecture Digest
Architecture Digest
Nov 25, 2022 · Information Security

Design of a Standardized Token‑Based Authentication System Using OAuth2 and JWT

The article explains why enterprises need a unified account management system, defines key authentication terms, outlines the advantages of token‑based security, describes a complete OAuth2 password‑grant flow with JWT, and presents the technical choices and interface designs for implementing a robust, cross‑service authentication solution.

Identity ManagementJWTOAuth2
0 likes · 10 min read
Design of a Standardized Token‑Based Authentication System Using OAuth2 and JWT
IT Architects Alliance
IT Architects Alliance
Oct 11, 2022 · Information Security

Understanding SSO: When to Choose SAML vs OAuth2 & OIDC

This article explains the fundamentals of Single Sign‑On (SSO), compares the two most common protocols—SAML and OAuth2 (with OpenID Connect)—covers their terminology, workflows, benefits, and provides guidance on which to use in different scenarios.

AuthenticationIdentity ManagementOAuth2
0 likes · 10 min read
Understanding SSO: When to Choose SAML vs OAuth2 & OIDC
Qingyun Technology Community
Qingyun Technology Community
Jan 28, 2022 · Operations

How to Build an Efficient Organization Data Sync Service to Cut Costs and Boost Security

This article explains why many enterprises struggle with fragmented user management across multiple systems, outlines the prerequisites for a centralized organization center, and details practical full‑sync and incremental sync schemes, strategies, and transactional safeguards to achieve seamless, secure personnel data synchronization.

Backend ArchitectureIdentity ManagementSystem Integration
0 likes · 9 min read
How to Build an Efficient Organization Data Sync Service to Cut Costs and Boost Security
Programmer DD
Programmer DD
Sep 7, 2021 · Information Security

Understanding Keycloak Realms: Isolation, Management, and Best Practices

This article explains what a Keycloak Realm is, when to use it, the role of the built‑in Master Realm, how to create and manage additional Realms, and practical methods for setting up Realm‑specific admin accounts using both Master users and realm client users.

AuthenticationIdentity ManagementKeycloak
0 likes · 6 min read
Understanding Keycloak Realms: Isolation, Management, and Best Practices
21CTO
21CTO
Aug 19, 2021 · Information Security

Comparing Top SaaS Identity Management Solutions: Okta, Auth0, and Frontegg

This article reviews three leading SaaS user‑management platforms—Okta, Auth0, and Frontegg—detailing their features, advantages, pricing, and differences in multi‑tenant support, social login, and plug‑in capabilities to help developers choose the best solution for their applications.

AuthenticationIdentity ManagementSSO
0 likes · 8 min read
Comparing Top SaaS Identity Management Solutions: Okta, Auth0, and Frontegg
Programmer DD
Programmer DD
Jul 9, 2021 · Information Security

Hands‑On Keycloak: Install, Explore Realms & Users with Docker

This article walks you through installing Keycloak 14.0.0 via Docker, configuring the admin console, creating custom realms and users, and explains core concepts such as realms, authentication, authorization, roles, groups, clients, and identity providers for practical security integration.

AuthenticationAuthorizationDocker
0 likes · 8 min read
Hands‑On Keycloak: Install, Explore Realms & Users with Docker
Programmer DD
Programmer DD
Jul 8, 2021 · Information Security

Keycloak Explained: Powerful Open‑Source SSO Solution, Pros & Cons

Keycloak, Red Hat’s open‑source identity and access management platform, offers a comprehensive SSO solution with extensive protocols, admin UI, Spring Security integration, and customizable features, but its complexity and steep learning curve may pose challenges for smaller projects.

AuthenticationAuthorizationIdentity Management
0 likes · 7 min read
Keycloak Explained: Powerful Open‑Source SSO Solution, Pros & Cons
Efficient Ops
Efficient Ops
Jul 7, 2020 · Information Security

Securing Operations with JD Cloud’s Bastion Host: Design, Challenges & Deployment

This article reviews JD Cloud’s bastion host solution presented at the 2020 Global New‑Generation Software Engineering Summit, detailing the security challenges of modern operations, compliance requirements, design principles, cloud‑native architecture, and real‑world deployments in enterprises and finance.

Bastion HostCloud NativeIdentity Management
0 likes · 15 min read
Securing Operations with JD Cloud’s Bastion Host: Design, Challenges & Deployment
Tencent Cloud Developer
Tencent Cloud Developer
Jun 9, 2020 · Blockchain

Tencent Cloud Blockchain Engine Architecture: High-Performance, Secure, and Scalable Blockchain Technology Implementation

Tencent Cloud Blockchain Engine delivers a high‑performance, secure, and scalable three‑layer SMR architecture that enables massive cross‑organizational collaboration through hierarchical governance, BFT consensus, homomorphic encryption, zero‑knowledge proofs, and efficient cross‑chain transaction and identity management, supporting 20,000+ TPS and diverse government, education, healthcare, and copyright use cases.

Consensus AlgorithmIdentity ManagementSMR System
0 likes · 15 min read
Tencent Cloud Blockchain Engine Architecture: High-Performance, Secure, and Scalable Blockchain Technology Implementation
Zhongtong Tech
Zhongtong Tech
Dec 7, 2018 · Information Security

Designing a Cloud‑Native IAM for Zero‑Trust Security at a Leading Courier

This article explains how ZTO Express built a cloud‑native Identity and Access Management platform to support zero‑trust security, detailing business‑driven risk challenges, design goals, core modules such as identity space, account system, organization support, integration, authorization, micro‑service security, certificate management, automated auditing, and a mobile app.

Cloud NativeIAMIdentity Management
0 likes · 17 min read
Designing a Cloud‑Native IAM for Zero‑Trust Security at a Leading Courier
Alibaba Cloud Developer
Alibaba Cloud Developer
Apr 10, 2018 · Blockchain

How Hyperledger Fabric Solves Trust Issues in Supply Chain Finance

Hyperledger Fabric, an open‑source blockchain framework from the Linux Foundation, provides immutable ledgers, consensus mechanisms, and identity management to address trust challenges in scenarios like inter‑bank settlement and supply‑chain finance, detailing its data structures, modules, transaction flow, and core services.

BlockchainConsensusIdentity Management
0 likes · 19 min read
How Hyperledger Fabric Solves Trust Issues in Supply Chain Finance
Efficient Ops
Efficient Ops
May 4, 2016 · Operations

How to Build a Scalable OpenLDAP‑Based Unified Identity System for Enterprise Operations

This article walks through the evolution of a unified identity authentication system built on OpenLDAP, covering initial password‑management pain points, design decisions involving PAM and sudo, role‑based access control, multi‑IDC distributed deployment, security hardening with TLS and anti‑brute‑force measures, and practical host‑restriction techniques for reliable, secure operations.

Identity ManagementOpenLDAPPrivilege Management
0 likes · 15 min read
How to Build a Scalable OpenLDAP‑Based Unified Identity System for Enterprise Operations