1 views collected around this technical thread.
The article outlines the DKCF (Data‑Knowledge‑Collaboration‑Feedback) trustworthy framework presented at the 2024 Shanghai Cybersecurity Expo, detailing challenges of large AI models, four key trust factors, and Ant Group's practical security implementations for professional AI deployments.
The jointly authored 2024 Large Model Security Practice whitepaper, released at the World AI Conference, outlines a comprehensive safety framework covering security, reliability, and controllability, presents industry case studies, and proposes a five‑dimensional governance model to guide high‑quality development of large AI models.
The article outlines a comprehensive government data processing security framework—including management, technical, personal information protection, operational, regulatory, and assessment requirements—that offers reusable, practical guidance for data security across various sectors.
This guide outlines a complete data security architecture, covering protection systems, design principles, overall framework concepts, management and technical systems, and operational processes, emphasizing holistic, lifecycle‑focused strategies rather than isolated security domains.
This whitepaper outlines JD.com's practical zero‑trust security approach, detailing a five‑element framework that includes asset digitization, asset identity, diversified security checkpoints, a strategy center, and a zero‑trust cockpit, to help digital enterprises strengthen security, reduce costs, and meet regulatory requirements.
Enterprise Information Security Architecture (EISA) provides a structured framework that links business drivers with technical guidance through three perspectives—business, information, and technology—detailing its documentation layers, strategic approaches, and the integration of security into overall enterprise architecture to enable effective, iterative security programs.
The article explains the Enterprise Information Security Architecture (EISA) framework, its three-dimensional view, the three-layer documentation (requirements, principles, models), various strategic approaches to building security architecture, and how it integrates with enterprise architecture to form an effective, iterative security program.
This article compares Apache Shiro and Spring Security, outlining each framework's core features, execution workflow, and strengths, and provides guidance on selecting the appropriate solution based on project size, Spring adoption, and development timeline.
This article compares Apache Shiro and Spring Security, outlining each framework's features, execution flow, and strengths, and provides guidance on when to choose Shiro for lightweight, framework-agnostic projects versus Spring Security for deeper Spring integration and broader community support.
This article explains Apache Shiro's core architecture, demonstrates how to create authentication tokens, configure realms with caching and hashing, and shows step‑by‑step integration with Spring MVC including filter setup and login controller code.
This article explores the concept of permissions, distinguishes their noun and verb attributes, outlines minimal‑privilege and data‑abstraction principles, examines server‑side versus client‑side access control, discusses role‑based access control and table design, and compares common Java security frameworks.