security architecture

DataFunSummit

Feb 13, 2025 · Information Security

Building and Optimizing a Comprehensive Security System: Practices, Innovations, and Future Outlook

This article presents a detailed walkthrough of constructing a robust security architecture, covering single‑person security team strategies, risk perception and quantification, rapid incident response, automated detection, precise strike mechanisms, deterrence tactics, and forward‑looking plans for intelligent, data‑driven risk management.

automationfraud detectionincident response

0 likes · 21 min read

Building and Optimizing a Comprehensive Security System: Practices, Innovations, and Future Outlook

macrozheng

Jul 4, 2024 · Information Security

Mastering Access Control: 5 Core Permission Models and Practical RBAC Design

This article explains the fundamentals of access control by reviewing five major permission models—ACL, DAC, MAC, ABAC, and RBAC—then dives into RBAC extensions and practical guidelines for designing user, role, and permission management in real‑world systems, covering menu, operation, and data-level controls.

RBACaccess controlauthorization

0 likes · 15 min read

Mastering Access Control: 5 Core Permission Models and Practical RBAC Design

Architects Research Society

May 12, 2024 · Information Security

CISSP‑ISSAP Certification Overview, Exam Details, and Preparation Resources

The article outlines the CISSP‑ISSAP certification for security architects, detailing exam format, passing score, target audience, prerequisites, and a range of preparation resources including official guides, online courses, books, community forums, and practice tests to help candidates succeed.

CISSP-ISSAPCertificationexam preparation

0 likes · 7 min read

CISSP‑ISSAP Certification Overview, Exam Details, and Preparation Resources

Xiaohongshu Tech REDtech

Dec 13, 2023 · Information Security

XiaoHongShu’s Zero Trust SASE Office Security Solution: Architecture, Challenges, and Implementation

XiaoHongShu’s award‑winning Zero‑Trust SASE Office Security Solution integrates all‑in‑one DLP, anti‑virus, identity‑bound access and distributed POPs to replace fragmented agents, delivering real‑time risk control, data‑non‑landing protection, multi‑level disaster recovery, and achieving 100% device coverage, an 80% reduction in data leakage and a 70% internal NPS after one year.

Data SecurityNetwork SecurityOffice Security

0 likes · 14 min read

XiaoHongShu’s Zero Trust SASE Office Security Solution: Architecture, Challenges, and Implementation

Architects Research Society

Nov 1, 2023 · Information Security

Roles and Responsibilities of a Security Architecture Team

The article outlines the composition and responsibilities of a security architecture team, detailing the roles of Security Architect, Information Security Architect, CISO, and Security Analyst, their required business and technical skills, risk management, threat modeling, and how they integrate with enterprise architecture.

CISOSecurity RolesThreat Modeling

0 likes · 11 min read

Roles and Responsibilities of a Security Architecture Team

Architects Research Society

Oct 29, 2023 · Information Security

Security Requirement Vision, Strategic Security Architecture Principles, and Formalizing Security Processes

The article explains how to define security requirements within business context, outlines strategic security architecture principles, distinguishes governance, management and operations, and describes the steps and components needed to formalize and prioritize effective security processes for an organization.

Processesgovernanceinformation security

0 likes · 9 min read

Security Requirement Vision, Strategic Security Architecture Principles, and Formalizing Security Processes

High Availability Architecture

Aug 28, 2023 · Information Security

Design and Implementation of a Unified Permission Management Service (MPS)

This article presents a comprehensive design and development of Baidu's Unified Permission Management Service (MPS), detailing its requirement analysis, technical selection, hybrid RBAC/ACL/DAC model, functional modules, implementation specifics, and operational results that demonstrate its effectiveness in consolidating enterprise-wide access control.

ACLBackend ServiceDAC

0 likes · 16 min read

Design and Implementation of a Unified Permission Management Service (MPS)

AntTech

Jul 19, 2023 · Information Security

IEEE 2952-2023 Standard for Secure Computing Based on Trusted Execution Environment – Technical Overview

The IEEE 2952-2023 standard, jointly released by Ant Group and multiple partners, defines a comprehensive technical framework for secure computing using Trusted Execution Environments, covering isolation, confidentiality, compatibility, performance, availability, and security, and outlines reference implementations, cluster management, and remote attestation mechanisms.

IEEE Standardconfidential computingsecure computing

0 likes · 7 min read

IEEE 2952-2023 Standard for Secure Computing Based on Trusted Execution Environment – Technical Overview

Architects Research Society

Jun 10, 2023 · Information Security

Roles and Responsibilities of a Security Architecture Team

The article outlines the composition of a security architecture team, detailing the roles of security architect, information security architect, chief information security officer, and security analyst, along with their business and technical skills, organizational relationships, and key responsibilities in managing enterprise security.

CISOSecurity Analystinformation security

0 likes · 13 min read

Xiaohongshu Tech REDtech

Feb 8, 2023 · Information Security

Exploring and Practicing Community Anti-Cheat Strategies at Xiaohongshu

The presentation outlines Xiaohongshu’s comprehensive community anti‑cheat strategy, defining cheating risks across industries, mapping the black‑gray ecosystem, and detailing a five‑module framework—risk perception, capability building, identification, mitigation, and evaluation—implemented via layered data architecture and multi‑stage detection to protect platform integrity.

anti-cheatdata analysisfraud detection

0 likes · 17 min read

Exploring and Practicing Community Anti-Cheat Strategies at Xiaohongshu

Architecture Digest

Nov 25, 2022 · Information Security

Design of a Standardized Token‑Based Authentication System Using OAuth2 and JWT

The article explains why enterprises need a unified account management system, defines key authentication terms, outlines the advantages of token‑based security, describes a complete OAuth2 password‑grant flow with JWT, and presents the technical choices and interface designs for implementing a robust, cross‑service authentication solution.

Identity ManagementJWTOAuth2

0 likes · 10 min read

Design of a Standardized Token‑Based Authentication System Using OAuth2 and JWT

AntTech

Jun 21, 2022 · Information Security

Zero Trust Security Model and Technical Architecture for Ant Financial Office

This article examines the evolution from traditional perimeter‑based security to zero‑trust models, compares their advantages, presents industry case studies, and details Ant Financial’s integrated zero‑trust architecture—including SDP, IAM, and micro‑segmentation—along with implementation practices and future outlook.

Enterprise SecurityIAMMicro Segmentation

0 likes · 17 min read

Zero Trust Security Model and Technical Architecture for Ant Financial Office

Top Architect

May 23, 2022 · Information Security

Designing a Unified Token‑Based Authentication System Using OAuth2 and JWT

The article explains how to design a unified, token‑based authentication system for enterprise applications, covering OAuth2 password grant, JWT usage, token issuance, validation, renewal processes, and interface design, while highlighting the benefits of stateless security and cross‑service single sign‑on.

JWTOAuth2access control

0 likes · 10 min read

Designing a Unified Token‑Based Authentication System Using OAuth2 and JWT

Weimob Technology Center

May 12, 2022 · Information Security

Securing Enterprise Data: Inside WKMS’s Scalable Key Management and Encryption Architecture

This article explains how WKMS addresses rising data‑protection regulations by offering a hierarchical key‑management service, masking SDK, AES‑based encryption, robust disaster‑recovery, and high‑throughput performance testing, illustrating a secure yet scalable solution for modern enterprises.

cloud nativedata encryptioninformation security

0 likes · 10 min read

Securing Enterprise Data: Inside WKMS’s Scalable Key Management and Encryption Architecture

Architecture Digest

Apr 14, 2022 · Information Security

Zero Trust Architecture: Concepts, Implementation Models, and Deployment Practices

This article provides a comprehensive overview of zero‑trust security, explaining its core principles, SDP‑based architecture, three main implementation models (application‑layer proxy, traffic‑layer proxy, and hybrid), various deployment scenarios, and practical guidance for enterprise adoption.

Enterprise SecurityNetwork SecuritySDP

0 likes · 13 min read

Zero Trust Architecture: Concepts, Implementation Models, and Deployment Practices

DevOps

Apr 14, 2022 · Information Security

Threat Modeling: Skills, Methodology, and Long-Term Challenges for Security Architects

The article explains threat modeling as a security‑by‑design practice, outlines the scarce talent pool for senior architects, describes a DFD‑based methodology with STRIDE analysis, and discusses the balance between experiential and methodological approaches to building robust, long‑term security models.

DFDSTRIDEThreat Modeling

0 likes · 9 min read

Threat Modeling: Skills, Methodology, and Long-Term Challenges for Security Architects

IT Architects Alliance

Jun 14, 2021 · Fundamentals

Typical Software Architecture Diagrams: Application, Technical, Security, and Deployment

This article presents typical examples of software architecture diagrams—including application, technical, security, and deployment views—to help developers understand and reference common architectural patterns in everyday project development.

application architecturedeployment architecturesecurity architecture

0 likes · 2 min read

Typical Software Architecture Diagrams: Application, Technical, Security, and Deployment

Architects Research Society

Feb 24, 2021 · Information Security

Security Architecture Team: Roles, Skills, and Responsibilities

The security architecture team consists of security architects, information security architects, chief information security officers, and security analysts, each with distinct business and technical responsibilities, risk‑management and threat‑modeling skills, and a collaborative relationship with enterprise architecture to ensure secure, compliant solutions.

CISOThreat Modelingenterprise architecture

0 likes · 11 min read

Security Architecture Team: Roles, Skills, and Responsibilities

Architects Research Society

Jun 20, 2020 · Information Security

Security Requirements Vision and Strategic Security Architecture Principles

The article outlines the importance of defining security requirements within business context, presents the Security Requirements Vision (SRV) components, describes strategic security architecture principles, differentiates security governance, management and operations, and details formalizing security processes with ownership, documentation, integration, roles, and automation opportunities.

Process Formalizationgovernanceinformation security

0 likes · 8 min read

Security Requirements Vision and Strategic Security Architecture Principles

Java Captain

Jun 3, 2019 · Information Security

Designing Role-Based Access Control and Permission Data Model

This article explains the fundamentals of role‑based access control, how roles and permissions are structured, the use of user groups to simplify large‑scale authorizations, and presents a comprehensive database schema—including tables for users, roles, permissions, resources, and logs—to support flexible and extensible permission management.

Database DesignRBACaccess control

0 likes · 6 min read

Designing Role-Based Access Control and Permission Data Model