Authentication and Authorization (AuthN/AuthZ)
The distinction between verifying identity (authentication) and granting access permissions (authorization), including the AAA model.
Authentication
Azure AD B2C - Customer Identity and Access Management
Azure Active Directory B2C is a customer identity management service that provides authentication, authorization, and user profile …
Firebase - Mobile and Web Application Platform
Google Firebase is a comprehensive application development platform providing authentication, real-time databases, hosting, analytics, and …
Keycloak - Open-Source Identity and Access Management
Keycloak is an open-source identity and access management solution providing single sign-on, user federation, and identity brokering for …
OAuth
OAuth is an open standard for delegated authorization, originating from Blaine Cook and Chris Messina's work at Twitter in 2006-2007 and …
Supabase - Open-Source Firebase Alternative
Supabase is an open-source backend-as-a-service platform providing a PostgreSQL database, authentication, real-time subscriptions, storage, …
Zero Trust Architecture
What zero trust means, how it replaces perimeter-based security, and why AI model serving and data access require zero trust principles.
Zero Trust for AI Model Serving
Applying zero trust architecture to AI systems: securing inference endpoints, model artifact access, training data, and service-to-service …
Amazon Cognito - User Authentication for AI Apps
Amazon Cognito User Pools and Identity Pools: JWT token structure and expiry, MFA options, SAML/OIDC federation, Lambda triggers, rate …
Security Fundamentals
Authentication, authorization, encryption, the OWASP Top 10, and the zero trust model. The baseline security practices that every production …