Architecture is not a feature, but how rules run
If identity defines the rules, architecture decides how those rules are organized, deployed, scaled, and governed. It determines whether you are a tool or an enterprise-grade infrastructure layer.
Questions Architecture Must Solve
Key Architecture Decisions
Tenancy Model
Support single-tenant and multi-tenant isolation strategies to fit different regulatory levels.
Integration Model
Integrate smoothly with existing systems via OIDC/OAuth/SCIM/API.
Cross-cloud Deployment
Support multi-region, multi-cloud, and hybrid deployment while keeping policy control unified.
Trust Boundaries
Define the identity, data, and action boundaries explicitly and verify them continuously.
Zero Trust Support
Evaluate contextual risk in real time along the access path and enforce policy dynamically.
HA and Scalability
Support high availability, failover, elastic scaling, and observable operations.
| Layer | Purpose | Relationship |
|---|---|---|
| Layer 1: Identity | Defines trust rules | Answers who may enter, who holds permissions, and how access is audited and revoked |
| Layer 2: Architecture | Runs trust rules | Organizes deployment model, trust boundaries, scaling, and availability |
| Layer 3: AI Agents | Extends governed principals | Brings non-human principals under identity rules and the audit chain |
Strategic Positioning
We provide a unified identity architecture. AI agents are one kind of governed principal, not a standalone product line.
Next layer: AI agent governance
See how non-human principals are authenticated, authorized, audited, and revoked under the same identity rules.